Once I needed to use rsync to copy a lot of data from the server to which only the root user had access, so I allowed the root user to connect via ssh.
Continue reading “SSH root connection in Ubuntu”
Tag Archives: SSH
Ubiquiti SSH Management
To connect via SSH to Ubiquiti equipment (UBNT) from Windows, you can use the popular PuTTY utility.
From Linux, you can connect by typing the command:
Installing and configuring SSH
SSH (Secure SHell) is an application-level network protocol that allows remote control of the operating system and tunneling of TCP connections (for example, for transferring files).
Continue reading “Installing and configuring SSH”
How to configure SSH on Cisco
In this article I will describe how to configure SSH on Cisco.
Connect to the device via telnet or console cable and switch to the privileged mode:
Continue reading “How to configure SSH on Cisco”
How to solve on MacOS “REMOTE HOST IDENTIFICATION HAS CHANGED”
Once I transferred the IP address to another server and after connecting to it via SSH from MacOS I saw a warning and therefore failed to connect:
Continue reading “How to solve on MacOS “REMOTE HOST IDENTIFICATION HAS CHANGED””
File Transfer Script over SFTP in Windows
I will give an example of a file transfer script via SFTP in Windows.
Continue reading “File Transfer Script over SFTP in Windows”
Configuring SSH session timeout
To configure the timeout for SSH sessions, let’s see where the SSH server configuration file is located:
sudo find / -name sshd_config
Open it in any text editor, for example nano:
sudo nano /etc/ssh/sshd_config
How to disconnect SSH user
Let’s say that several users are connected through SSH.
First look at the list of online users:
w
Suppose the following information is displayed (where test is the user’s login):
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
test     tty1                      11:20    1:07   0.03s  0.03s -bash
test     pts/0    192.168.1.5      11:21   13.00s  0.02s  0.02s -bash
test     pts/1    192.168.1.3      11:21    0.00s  0.02s  0.00s w
tty1 – a client logged in locally, that is, at the computer itself.
pts/1 – judging by the IP address and the WHAT column, this is our own session, so pts/0 is the client we want to disconnect.
See the list of processes and their PID:
ps faux |grep sshd
In my case the output was:
root       946  0.0  0.5  65508  5368 ?        Ss   12:00   0:00 /usr/sbin/sshd -D
root      1147  0.0  0.6  92828  6920 ?        Ss   12:01   0:00  \_ sshd: test [priv]
test      1178  0.0  0.3  92828  3384 ?        S    12:01   0:00  |   \_ sshd: test@pts/0
root      1192  0.0  0.6  92828  6592 ?        Ss   12:02   0:00  \_ sshd: test [priv]
test      1223  0.0  0.3  92828  3532 ?        S    12:02   0:00      \_ sshd: test@pts/1
test      1248  0.0  0.0  15468   956 pts/1    S+   12:25   0:00          \_ grep --color=auto sshd
We find test@pts/0 and accordingly 1178 is the required PID.
We terminate the process by specifying its ID, after which the user will immediately disconnect:
sudo kill -9 1178
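The PID lookup above as a small shell function, added here as an example (not code from the original article); the names sample_ps and sshd_session_pid are hypothetical and the embedded listing is a constructed copy of the one shown above. It returns only the per-session process "sshd: user@tty", so neither the [priv] parent nor the grep line can be picked by mistake.

```shell
#!/bin/sh
# Constructed sample: the `ps faux | grep sshd` listing from the text above.
sample_ps() {
cat <<'EOF'
root       946  0.0  0.5  65508  5368 ?        Ss   12:00   0:00 /usr/sbin/sshd -D
root      1147  0.0  0.6  92828  6920 ?        Ss   12:01   0:00  \_ sshd: test [priv]
test      1178  0.0  0.3  92828  3384 ?        S    12:01   0:00  |   \_ sshd: test@pts/0
root      1192  0.0  0.6  92828  6592 ?        Ss   12:02   0:00  \_ sshd: test [priv]
test      1223  0.0  0.3  92828  3532 ?        S    12:02   0:00      \_ sshd: test@pts/1
test      1248  0.0  0.0  15468   956 pts/1    S+   12:25   0:00          \_ grep --color=auto sshd
EOF
}

# Read `ps faux`-style lines on stdin and print the PID (column 2) of the
# process whose command line ends exactly in "sshd: USER@TTY".
# Comparing the end of the line literally keeps pts/0 from matching pts/10.
sshd_session_pid() {
    awk -v want="sshd: $1@$2" '
        { n = length(want) }
        length($0) >= n && substr($0, length($0) - n + 1) == want { print $2 }
    '
}

# Demonstration on the constructed listing. On a live host:
#   pid=$(ps faux | sshd_session_pid test pts/0)
#   [ -n "$pid" ] && sudo kill -9 "$pid"
sample_ps | sshd_session_pid test pts/0
```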
See also my articles:
Configuring SSH session timeout
Installing and Configuring SSH
Email notification about each SSH connection
Here are a few ways to receive e-mail notifications about someone connecting to the server via SSH.
FIRST METHOD:
With a text editor, for example nano, open the file /etc/ssh/sshrc (in the nano editor CTRL+X to exit, y/n and Enter to save or discard changes):
sudo nano /etc/ssh/sshrc
And add the following code to it:
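# The client address is the first field of SSH_CONNECTION
ip=$(echo "$SSH_CONNECTION" | cut -d " " -f 1)
# Record the login in syslog
logger -t ssh-wrapper "$USER login from $ip"
# Send the mail in the background so the login is not delayed
(echo "Subject: login($ip) on server"; echo; echo "User $USER just logged in from $ip") | sendmail -f server@example.com -t your-email@example.com &
You do not need to restart SSH; notifications should start arriving on the next connection. Note that sshd runs a user's ~/.ssh/rc instead of /etc/ssh/sshrc when that file exists, so accounts that have one will not trigger this notification.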
SECOND METHOD:
Add the following lines to the config /etc/rsyslog.conf (each directive is preceded by a comment explaining it; this configuration sends messages about failed connections):
# Load the mail output module
$ModLoad ommail
# Specify the address of the mail server
$ActionMailSMTPServer mail.domain.com
# Specify the email from which messages will be sent
$ActionMailFrom rsyslog@domain.com
# Specify the email to which messages will be sent
$ActionMailTo test@domain.com
# Specify the subject of the message
$template mailSubject,"SSH Invalid User %hostname%"
# Specify the content of the message
$template mailBody,"RSYSLOG\r\nmsg='%msg%'"
$ActionMailSubject mailSubject
# Specify in seconds how often messages can be sent
$ActionExecOnlyOnceEveryInterval 10
# If the log message contains the text in quotes, send a message
if $msg contains 'Invalid user' then :ommail:;mailBody
The same approach via rsyslog, but sending notifications of successful connections (the same directives as above, without comments):
$ActionMailSMTPServer mail.domain.com
$ActionMailFrom rsyslog@domain.com
$ActionMailTo test@domain.com
$template mailSubject,"SSH Accepted pass %hostname%"
$template mailBody,"RSYSLOG\r\nmsg='%msg%'"
$ActionMailSubject mailSubject
$ActionExecOnlyOnceEveryInterval 10
if $msg contains 'Accepted password' then :ommail:;mailBody
As a result, an e-mail is sent whether the connection to the SSH server succeeds or fails. In the same way, you can send e-mail notifications about other events that are logged via rsyslog.
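Which sshd messages the two "contains" filters above actually catch, as an added shell example (not code from the original article); the function names and the log lines are constructed for illustration. rsyslog's "contains" is a case-sensitive substring test, which the case patterns below reproduce.

```shell
#!/bin/sh
# Constructed sshd messages (the %msg% part) in typical OpenSSH wording.
sample_msgs() {
cat <<'EOF'
Invalid user admin from 203.0.113.7 port 40122
Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Failed password for root from 203.0.113.7 port 40130 ssh2
Accepted password for test from 192.168.1.5 port 50514 ssh2
Accepted publickey for test from 192.168.1.3 port 50620 ssh2: ED25519 SHA256:(constructed)
EOF
}

# Print which of the two rules would fire for one message, or "none".
matching_rule() {
    case "$1" in
        *"Invalid user"*)      echo invalid-user ;;
        *"Accepted password"*) echo accepted-password ;;
        *)                     echo none ;;
    esac
}

# Count the messages on stdin for which neither rule sends a mail.
count_unmatched() {
    n=0
    while IFS= read -r line; do
        if [ "$(matching_rule "$line")" = none ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Show the verdict for every constructed message.
sample_msgs | while IFS= read -r m; do
    printf '%-18s %s\n' "$(matching_rule "$m")" "$m"
done
```

With these two filters, key-based logins and failed passwords for existing accounts produce no mail; they need their own "if $msg contains" rules if those events matter.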
Monitoring the number of Ubiquiti sector clients by SSH from Zabbix
As a test, I will give an example of getting the number of clients connected to an ordinary Ubiquiti AirMax Rocket M5 sector antenna.
We will receive the data via SSH.
To test, connect to the device once (on the first connection, type yes and press Enter):
sudo -u zabbix ssh -p 22 admin@192.168.0.55
Now in Zabbix, add an item to the template or host, for example to a template named “Template Ubiquiti Rocket M5 Sector”:
Name: any
Type: SSH agent
Key: ssh.run[clients,,22,utf8]
Authentication method: Password
Username: NAME
Password: PASSWORD
Executed script: the command executed on the device (see below)
Example of a command that displays the number of connected clients:
wstalist |grep "mac" |wc -l
Then create a graph for the item, as well as a trigger:
Name: On the sector antenna {HOST.NAME} > 40 clients
Expression: {Template Ubiquiti Rocket M5 Sector:ssh.run[clients,,22,utf8].last(#1)}>40
See also:
Configuring SSH checks in Zabbix