25 Jul, 2008  |  Posted by Danesh  |  in Linux, Open Source, Software

OpenSSH 5.1 is out.

OpenSSH fully supports SSH protocol versions 1.3, 1.5 and 2.0. It also includes client and server support for sftp.

A few bug fixes, security fixes and new features come with the new 5.1 release. It’s already released to the mirrors so make sure to get patched. FTP mirrors || HTTP mirrors

Read the changelog

It's sometimes necessary to limit who has access to a server via SSH. Most Linux security hardening checklists today require this to be enforced.

Fortunately this can be easily done with OpenSSH. Just edit the /etc/ssh/sshd_config file and add the desired directives shown below. You don't need them all; just use what suits your needs.

OpenSSH provides four directives: AllowUsers, AllowGroups, DenyUsers and DenyGroups.

AllowUsers buddy john doe
Only users buddy, john and doe will be able to log in via ssh.

AllowGroups sysadmin bkpadmin
Only users within groups sysadmin and bkpadmin will be able to log in via ssh.

DenyUsers rambo tina
This is the opposite of AllowUsers. All users except for rambo and tina will be able to log in via ssh.

DenyGroups hr payroll
This is the opposite of AllowGroups. All users except members of the hr and payroll groups will be able to log in via ssh.
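
When several of these directives are combined, sshd_config(5) documents that they are processed in the order DenyUsers, AllowUsers, DenyGroups and finally AllowGroups. The sketch below is an added example, not part of the original post or of OpenSSH: it applies that order to the directive values shown above. The accounts and their group memberships are constructed for illustration, and only plain names and the * and ? wildcards are modelled.

```python
import re

# Constructed sample sshd_config fragment using the directive values from this page.
SSHD_CONFIG = """\
AllowUsers buddy john doe
AllowGroups sysadmin bkpadmin
DenyUsers rambo tina
DenyGroups hr payroll
"""

# Constructed accounts (assumption): user name -> all groups the user belongs to.
ACCOUNTS = {
    "buddy": ["sysadmin"],
    "john": ["sysadmin", "hr"],
    "doe": ["staff"],
    "rambo": ["sysadmin"],
    "alice": ["bkpadmin"],
}

def parse_access_directives(text):
    rules = {"denyusers": [], "allowusers": [], "denygroups": [], "allowgroups": []}
    for line in text.splitlines():
        words = line.split()
        # Keywords are matched case-insensitively; comment lines are skipped.
        if words and not words[0].startswith("#") and words[0].lower() in rules:
            rules[words[0].lower()].extend(words[1:])
    return rules

def matches(pattern, name):
    # Only '*' and '?' wildcards are modelled, not USER@HOST or '!' negation.
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, name) is not None

def login_allowed(user, groups, rules):
    """Apply the checks in the order DenyUsers, AllowUsers, DenyGroups, AllowGroups."""
    def hit(directive, names):
        return any(matches(p, n) for p in rules[directive] for n in names)
    if hit("denyusers", [user]):
        return False, "listed in DenyUsers"
    if rules["allowusers"] and not hit("allowusers", [user]):
        return False, "not listed in AllowUsers"
    if hit("denygroups", groups):
        return False, "member of a group in DenyGroups"
    if rules["allowgroups"] and not hit("allowgroups", groups):
        return False, "not in any group in AllowGroups"
    return True, "allowed"

def audit(config_text=SSHD_CONFIG, accounts=ACCOUNTS):
    rules = parse_access_directives(config_text)
    return {user: login_allowed(user, groups, rules) for user, groups in accounts.items()}
```

With all four directives set, only buddy can log in: doe is in AllowUsers but in no allowed group, and john is in an allowed group but also in hr. After editing the real file, sshd -t checks the configuration for errors before the daemon is restarted.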

18 Mar, 2008  |  Posted by Danesh  |  in HowTo, Linux, hacks

Recently I wrote about implementing session timeouts on Linux. For admins who know what they are doing (most times), this can sometimes be an annoying experience.

There’s a simple noop script over at bashcurescancer to help work around session timeouts. This will work for ssh and also the default virtual consoles.

Watch noop in action.

Source: BashCuresCancer

21 Jan, 2008  |  Posted by Danesh  |  in HowTo, Linux

I develop quite a few bash scripts to automate backups and dropbox operations in my office. One of the usual requirements is to tar (tar.gz) the files locally and later untar them on the destination server when needed. I have a few simple scripts with interactive menus which help the data center operations team with their daily backup tasks.

One of the challenges during development was the ability to untar files on the backup server over SSH. By default the command will untar to the home directory instead of the target folder; the output always returned success, but the files were nowhere to be found. This apparently is a limitation of the tar command: it did not know where to untar the files to when being executed over SSH. Fortunately the fix was really simple.

Original command,

ssh 127.0.0.1 'tar zxvf ~/test/files.tar.gz'

The simple fix,

ssh 127.0.0.1 'cd ~/test/ ; tar zxvf files.tar.gz'

or, (thanks Aik)

ssh 127.0.0.1 'tar zxvf files.tar.gz -C ~/test/'

Here’s a video I put together to demonstrate the above. Hopefully I got it right.