sshd

  1. nerozero

    SSH, CVE-2024-6387

    Hi there, I have red several papers about this vulnerability, but still not clear, does it effects freebsd ssh daemon ( which for me on FreeBSD 13.3, sshd version: OpenSSH_9.6p1, OpenSSL 1.1.1w-freebsd 11 Sep 2023 ) or not? pkg audit -F doesn't seems to show this vulnerability. Temporary fix...
  2. I

    How to harden sshd_config to allow only 1 user to be logged in at any given time?

    How do I harden my sshd_config to allow only 1 user to be remotely logged in at any given time? (A non-admin/wheel and not-root user will login remotely, then upgrade (ie. "su -l admin) to admin/wheel, and then to root should be counted as the same user being logged in at any given time.) I...
  3. K

    After update: Server refused to allocate pty

    Hi, after freebsd-update fetch install and a reboot, I now cannot connect to my remote server. My ssh client on Windows says: End of keyboard-interactive prompts for server - Server refused to allocate pty. I tried to clean my known_hosts ssh file on Windows, then tried to reconnect, nothing...
  4. byrnejb

    Solved upgraded to 13.1p7 from 13.1p2 and now ssh does not connect.

    [root@vhost01 ~ (master)]# sshy vhost02.windsor Connection timed out during banner exchange Connection to 216.185.71.142 port 22 timed out [root@vhost01 ~ (master)]# sshy -vv vhost02.windsor OpenSSH_9.1p1, OpenSSL 1.1.1q-freebsd 5 Jul 2022 debug1: Reading configuration data /root/.ssh/config...
  5. tnpimatt

    FreeBSD 13.2 + OpenSSH 9.3 = 1 connection limit

    I have a small fleet of FreeBSD hosts and all are nearly identical. # uname -a FreeBSD ****.tnpi.net 13.2-RELEASE FreeBSD 13.2-RELEASE releng/13.2-n254617-525ecfdad597 GENERIC amd64 Prior to upgrading to FreeBSD 13.2, I regularly open multiple concurrent ssh sessions to the servers and it has...
  6. byrnejb

    Solved Upgrade to 12.4 from 12.3 - sshd_config file trashed

    I have a number of special settings in /etc/ssh/sshd_config. When I tried to upgrade from 12.3 to 12.4 the config merge process removes everyone of them including the ListenAddress which disables sshd altogether. I do not recall having this difficulty with previous upgrades. Is my memory going...
  7. First_Law_of_Unix

    Solved SSH keeps disconnecting from Supermicro Server after few mins, then completely refuses to reconnect.

    Hello. I installed FreeBSD 13.1 on a Supermicro X8DT3 and also on an AMD desktop machine. I installed OpenSSH server on the X8DT3. Now when I try to connect to it by LAN using: # ssh -vvv -p 2222 user@192.168.0.104 Everything works. But then after some time it gets disconnected and then I...
  8. hakova

    Solved sshd server fails to start

    Hi all, Something broke my sshd service on my FreeBSD VM. When I attempt to start the service I get the following error: # service sshd start Performing sanity check on sshd configuration. ld-elf.so.1: /usr/lib/libprivateheimipcc.so.11: invalid file format /etc/rc.d/sshd: WARNING: failed...
  9. gpw928

    systemd gets inetd functions

    I see that Ubuntu 22.10 delivers updates to OpenSSH "configured by default to use systemd socket activation, meaning that sshd will not be started until an incoming connection request is received. This reduces the memory footprint of Ubuntu Server on smaller devices, VMs or LXD containers." So...
  10. priyadarshan

    Solved How to launch sshd earlier on in the boot sequence?

    At the moment sshd is launched quite late in the booting process. We would need to have sshd running as early as possible on our servers, right after the firewall starts, or, on some local-network only servers, even as soon as possible. Where can one read about a safe, upgrade-compatible way to...
  11. G

    Solved losing access to (some jailed) sshd after pfctl -F rules

    Hey guys, I am currently experiencing a very strange behavior and I've got no more ideas: Situation: FreeBSD server running 13.0-RELEASE several (bastille) jails running 13.0-RELEASE some older (bastille) jails running 12.4-RELEASE SSH access to host (x.x.0.0/24 network) works SSH access to...
  12. Buck

    Blacklistd and sshd not acting immediately according to logs

    A curious thing that I'd like to understand. Blacklistd enabled in sshd config. Connecting from another external IP to ssh and issuing two wrong logins/passwords results in immediate lockout, as expected and defined in the config file. A new entry gets added to blacklistd table in pf as...
  13. F

    Unexpected behavior of ssh(d) with vlan

    Hello, I have a problem with my vlan configuration and sshd my virtual machine is connected do a dhcp server, network is 10.0.2.0 netmask is 255.255.255.0 dhcp-range is 10.0.2.2-100 In my rc.conf ifconfig_em0="DHCP" em0 will get ip 10.0.2.15 with this, sshd is reachable on 10.0.2.15 but...
  14. Allan

    Clearing Screen on Login Banner

    I have a MOTD file that has the escape codes to clear the screen as the first line. The idea is that the user is presented with a clean screen and my MOTD. ^[[2J^[[;H This is the message of the day... Blah, blah, blah. It works as expected. Now, I want to do the same thing with the banner...
  15. Allan

    Showing the REMOTE IP address on the login banner

    I have a login banner that is displayed prior to password authentication via SSH. This is what it currently looks like: =================================================== This is a private system. Only authorized users may access this system with their individually assigned user accounts...
  16. W

    Encrypted root with unencrypted preboot and reboot -r

    Hi there! Been working with linux for many years and recently started to learn FreeBSD and really loved it. I'm trying to create a fully encrypted setup with the possibility to unlock the drive remotely (e.g. using SSH). I know about the possibility to leave the base system and encrypt user...
  17. A

    How do I manually seed the FreeBSD RNG ?

    I understand that the FreeBSD RNG is automatically seeded with various, robust sources of entropy. I understand that I don't need to seed it and my seeding is probably worse than the default. HOWEVER, just because I am curious, I wonder ... I used to be able to set this sysctl: sysctl -w...
  18. jontheil

    sshd not working, no access by ssh after crash on 12.0-RELEASE

    Hi forum, After some configuration issues (tried to install www/nextcloud and set up a nullfs mount), I rebooted the server. From that point I could no longer access the server by ssh. As far as I remember, I didn't change anything vital except for /etc/fstab. I can't connect from any clients...
  19. leebrown66

    Setup a 2nd sshd instance for testing remote configurations

    Suppose you have a remote machine that you can ssh into. You want to make some changes to the config, but making a mistake could lock you out of the box. This is a technique for setting up a 2nd sshd instance and also how to configure it as a service. Standalone On the server enter...
  20. klu

    sshd "PasswordAuthentication no" has no effect

    Hi I'm trying to disable password login for all users except one, "foo". That way, for example, I can login as "bar" with public key but not password. And I can login as "foo" with password. I tried this config: AllowUsers foo bar Match User !foo PasswordAuthentication no Match all #...
Back
Top