SSH

From Anthony Pastor Wiki Notes - Verba volant, scripta manent
Revision as of 21:07, 22 March 2016 by Anthoanthop (talk | contribs)
Jump to navigation Jump to search

Display key fingerprints informations in /var/log/auth.log

If you have multiple users connecting to a single SSH account (ie: root) and you want to identify clearly who's connecting:

Ensure this value in /etc/ssh/sshd_config: 

LogLevel VERBOSE

/etc/init.d/ssh restart

Everytime a new SSH connexion is completed you could list the fingerprint used: tail -f /var/log/auth.log

To identify a fingerprint's owner by listing all entries in /root/.ssh/authorized_keys

while read l; do
  [[ -n $l && ${l###} = $l ]] && ssh-keygen -l -f /dev/stdin <<<$l;
done < /root/.ssh/authorized_keys

To disable SSH host key checking

for i in 172.16.1.{1..12} 172.17.1.{1..10} 172.18.1.{1..3}; do scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no /etc/scribe/scribe.conf root@$i:/etc/scribe/scribe.conf; done

Improve copy performance by changing Cipher

scp -o Cipher=arcfour local-file user@remote.example.com:/path/
Retrieved from "http://wiki.anthonypastor.fr/index.php?title=SSH&oldid=237"