Delete host key from known_hosts file

I normally delete the known_hosts file on my machine (not server) when I ssh to a server because the fingerprint has changed. You can delete host’s key as follows.

ssh-keygen -R hostname
# Host hostname found: line 6
/Users/benjaminr/.ssh/known_hosts updated.
Original contents retained as /Users/benjaminr/.ssh/known_hosts.old

Of course, you don’t want to simply do this unless you are aware something changed.

Advertisements

Close an unresponsive ssh session with ~.

SSH escape sequences:

~. – terminate connection (and any multiplexed sessions)
~B – send a BREAK to the remote system
~C – open a command line
~R – Request rekey (SSH protocol 2 only)
~^Z – suspend ssh
~# – list forwarded connections
~& – background ssh (when waiting for connections to terminate)
~? – this message
~~ – send the escape character by typing it twice

Via https://lonesysadmin.net/2011/11/08/ssh-escape-sequences-aka-kill-dead-ssh-sessions/amp/

Get rid of Pseudo-terminal message when you use ssh with here document

When I send multiple commands over ssh to a Linux or ESXi host using here document, I get this message:

Pseudo-terminal will not be allocated because stdin is not a terminal.

For example:

    $ ssh -q root@esxi.local.example.com  <<EOF
    > date
    > hostname
    > EOF
    Pseudo-terminal will not be allocated because stdin is not a terminal.
    Sun Aug 14 06:01:26 UTC 2016
    esxi.local.example.com

Continue reading

User cannot ssh to server, Permission denied

A user is unable to ssh to a Linux box. There is no prompt for password and directly drops to a “Permission denied” error.

ssh user@linux
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

The user uses password authentication and does not use keys. Inspecting sshd_config on the server, password authentication is disabled for this user. This is the reason why the user was unable to login.

A snippet of sshd_config with the settings and explanation.

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       ForceCommand cvs server
Match User user
        PasswordAuthentication no