sshd#QNX: Could not load host key / Missing privileges separation - remote-server

I followed the manual provided by QNX for SDP 6.6.0 on how to set up the OpenSSH SSH daemon except I tried to get it running on an existing Neutrino OS. To no avail so far. I encountered several pit falls which I could not find to be solved in any guide I found on the web.
It works quite easily and out of the box for QNX 6.5.0. E.g.
'How do you install an ssh server on qnx' which only states to generated keys and start the daemon. But that doesn't seem to be the case anymore.
This is how I've tried to tackle this so far:
created folder /etc/ssh and DSA and RSA keys
tried starting sshd => error: /etc/ssh/sshd_config
created empty file /etc/ssh/sshd_config
tried starting sshd => error:
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Missing privileges separation directory: /var/chroot/sshd`
created folder /var/chroot/sshd and file /etc/ssh/ssh_host_ecdsa_key with proper privileges using chmod 700
P.S.: Why is it that there are only very very few sources actually talking about SSH and QNX. Even QNX only refers to NetBSD by linking their plain man pages. In the BSP guides they handle the topic like "Yeah we've got SSH - you can use it." If not SSH what's then the proper way of remote access?!

OK, gonna answer my question rightaway (since after not posting it, I found the answer some days later):
Long story short. The ssh version on QNX 6.6.0 needs also the ssh_host_ecdsa_key key file generated using ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key. The file was present at my system but somehow corrupted and I just had to generate it again. (I did not know that back then and the manuals I was following don't even mention this key)
I would not recommend following the QNX manual (since it's outdated and especially) if you simply just want to start/configure the sshd daemon (ssh server) on an existing system. Follow 'How do you install an ssh server on qnx' instead.

Related

bash: powershell: command not found

For a node project I will have to work on a remote server and for that I will use filzilla for file transfer and ssh for console.
I use Visual Studio Code, I installed a remote ssh extension,
I did the hostname and user configurations as well as secretkey,
because before that I had another error The process tried to write to a nonexistent pipe ,
which I finally solved but now after I start ssh and log in with the password in cmd from Visual Studio Code, I get this error bash: powershell: command not found.
I tried one day to search the internet for that error.
https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_server_configuration?WT.mc_id=-blog-scottha
https://learn.microsoft.com/en-us/windows/wsl/troubleshooting
I've talked to people who have more experience but within the time limit my advice could be, but I still couldn't solve the error, either it's something from windows or ssh or I don't know.
You are the first time I try to do this in general I used heroku or aws that had some facilities.
I changed host machine in the settings JSON file windows to linux
When you got the option to Select Linux, Windows or Mac did you make sure that you know exactly the type of server you are connecting to. Bcs if you choose the wrong one this error gets thrown.

VS Code Remote SSH Connection not working

Im trying to setup vscode with the remote developement extensions on a second pc. While it works on my main one it doesnt on the second one. Tried reinstalling vscode, extensions and using older versions but nothing works.
When trying to connect it cancels after chosing the os. So I cant even type in the password.
I set it up in the exact same way as with the other pc.
Any ideas?
[20:32:53.595] remote-ssh#0.55.0
[20:32:53.595] win32 x64
[20:32:53.596] SSH Resolver called for "ssh-remote+ssh.blabla", attempt 1
[20:32:53.597] SSH Resolver called for host: ssh.blabla
[20:32:53.597] Setting up SSH remote "ssh.blabla"
[20:32:53.610] Using commit id "58bb7b2331731bf72587010e943852e13e6fd3cf" and quality "stable" for server
[20:32:53.612] Install and start server if needed
[20:32:54.639] Checking ssh with "ssh -V"
[20:32:54.686] > OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
[20:32:54.691] Running script with connection command: ssh -T -D 52819 ssh.blabla bash
[20:32:54.694] Terminal shell path: C:\WINDOWS\System32\cmd.exe
[20:32:54.758] >
]0;C:\WINDOWS\System32\cmd.exe
[20:32:54.758] Got some output, clearing connection timeout
[20:32:54.785] >
[20:32:55.045] > root#blabla's password:
[20:32:55.045] Showing password prompt
[20:32:57.596] "install" terminal command done
[20:32:57.597] Install terminal quit with output: root#blabla's password:
[20:32:57.597] Received install output: root#blabla's password:
[20:32:57.598] Stopped parsing output early. Remaining text: root#blabla's password:
[20:32:57.598] Failed to parse remote port from server output
[20:32:57.603] Resolver error: Error:
at Function.Create (c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:1:130564)
at Object.t.handleInstallOutput (c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:1:127671)
at I (c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:127:106775)
at processTicksAndRejections (internal/process/task_queues.js:94:5)
at async c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:127:104774
at async Object.t.withShowDetailsEvent (c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:127:109845)
at async Object.t.resolve (c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:127:107960)
at async c:\Users\Manuel.vscode\extensions\ms-vscode-remote.remote-ssh-0.55.0\out\extension.js:127:141955
[20:32:57.606] ------
[20:32:59.376] Password dialog canceled
[20:32:59.376] "install" terminal command canceled```
Depending on the system you are in, when you first try to connect, a vscode-server will be set up and configured on your server.
In linux that can be in /Home/<user>/.vscode-server
If you are on windows, check what that is.
The first solution is to try the extension command: Remote-SSH: kill VS Code Server on Host
Open the command pallet (CTRL + SHIFT + P or COMMAND + SHIFT + P (mac) ).
And type Remote kill :
Then try to connect again! (That will kill the server on the host! Which will make it start again on the next try)
If that doesn't work, and things are still failing:
Delete, rm
Then a good solution that can work is: to connect to your server through terminal (vscode terminal, gnome-terminal, whatever). Then go and remove /Home/<user>/.vscode-server
Try to connect after that. At the attempt the server will be re-installed completely anew, chances are it will work. (I did that and it worked for me, so whatever that was going wrong on the vscode-server: just start all over)
But again: you will lose things, config, meta data, etc. (because you start anew).
Update:
As stated by #natevw in the comments:
I found that removing only the .vscode-server/bin subfolder helped straighten things out and afaict kept my data/settings.
Removing only vscode-server/bin seems to work well, and the config, metadata, etc. remains untouched.
I downgrade Remote-SSH plugin to 0.51.0, rm -rf $HOME/.vscode-server on the remote machine. Connect again, VSCode will download and install a new .vscode-server. Then upgrade Remote-SSH plugin, everything works.
One way worked for me is, by adding this line in the vscode settings (JSON) file.
"remote.SSH.useLocalServer": false
I met the same problem. After I did these steps, it works:
on the remote server:
rm -rf ~/.vscode-server
rm -rf ~/.vscode
On the local VS code:
reinstall remote-ssh
In case all the above fails, here's how I fixed my issue.
First, I was able to SSH into my remote server (Ubuntu 22.04, Raspberry Pi 4, arm64) using a simple bash terminal. So I logged in using my terminal (macOS), and I went to
cd $HOME/.vscode-server/bin/WHATEVER-HASH-YOU-HAVE/
In this directory, there is a file named server.sh. I tried running this script, and I got the following error:
./node: error while loading shared libraries: libatomic.so.1: cannot open shared object file: No such file or directory
The issue was clear: there was a missing shared library on my system. Either Node.js now requires that or the new version of the SSH-Remote extension; I don't know. I did not spent the time to dig into those specifics.
But to fix that, I simply did:
sudo apt-get install libatomic1
That installed the missing shared library.
After that, I delete $HOME/.vscode-server:
rm -rf $HOME/.vscode-server
and tried again connecting using VSCode. It worked!
Hope this can help someone like me, for whom all other options failed.
Issue: while trying to ssh connect to Linux(remote machine) using vscode.
Solution: remove/delete the bin folder inside .vscode-server and then reconnect to the remote machine
In remote server:
remote_name:~$ rm -rf ~/.vscode-server/bin
*reconnect to remote machine*
It turns out that my fish was a obstacle for vscode server.
Then I tried
chsh -s /bin/bash
And works fine.
I worked adding \\ in the path of the .config
I share the steps
Go to .config settings
select configuration
add double \\
Just deleted old host information from ssh settings file and problem solved.
I had faced this issue when I tried to connect to a Linux server from a windows laptop.
It was using the wrong fingerprint.
It worked for me after removing the line related to that server from $HOME/.ssh/known_hosts
I ran into the same issue, it got fixed when I updated the path of the IdentityFile from 'ssh_key' to '~/.ssh/ssh_key' (the entire path I mean) so that the VS code could recognize it.
Restart remote machine worked for me (after trying all the previous answers with no luck).
Giving you the oldest trick of the book:
restart
It worked for me and I laughed hysterically for exactly 57 seconds. Happy reconnecting to the server my dear Coder!
I could not connect to the server, my issue was the remote server was full
check with the command df -h if the disk is full !
Here is an alternative for Remote SSH, pls check my answer at: https://stackoverflow.com/a/68046111/13089935
TLDR:
We can use a web-based VS Code that is installed on the server directly.

CentOS x11 Forwarding issue

I am on a Windows7 machine and I'm trying to get graphic view on the centOS machine to be displayed on my current screen. When typing xclock, gedit... in terminal, I am getting the following error
-bash: xclock: command not found
and This the result of # vi /etc/ssh/sshd_config command
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
#tewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
Also Xming is running on server:0.0 and I turned X11 forwarding on on putty
So what's the problem ?
sudo yum install xorg-x11-apps
Should cover it!
Do you have an .Xauthority file in your home directory?
I've recently found the answer for my issue, which might be similar to yours. I've seen quite a few open questions about this topic without resolution. You may have a few more things to work through, but SELinux settings ended up being my final hurdle. This among many other steps are covered here: ssh X11 forwarding won't work
That aside, you may need to change the Xming settings to match the default DisplayOffset of 10 for Centos. And after any changes to sshd_config, you'll need to restart the service via
/etc/init.d/sshd restart
I would like to emphasize that my situation is a non-critical operation within a (hopefully!) securely-managed intranet. I would NOT suggest turning off SELinux at work, or at home if you're hoping to open ports or configure VPN for your home network. Please consider: http://securityblog.org/2006/05/21/software-not-working-disable-selinux/

Connect Eclipse RSE with remote Linux server using public key attained from Amazon ec2

I want a easy way to save, copy and edit files on a remote server. I'm using Eclipse as an IDE, what could be better for these tasks than RSE(Remote System Exlporer) plugin for Eclipse. The thing is that I dont know how to make a connection using a public key. I have file that I downloaded from my Amazon account, *.pem. But I don't see any forms or inputs for this, when I try to connect to my remote Linux server. It is just User-id and password. I also tried to open the public key using the system's text editor and copy everything to my password field, but it didn't worked. Pls help me
this was baking my noodle for a while too. you put the keys in a folder not in the RSE config but in the whole of eclipse
check this: http://siteadmin.gforge.inria.fr/eclipse-ssh.html
Not mentioned (at least in explicitly) is the fact that RSE (and for what I've seen, Eclipse in general) only seems to work with 1024 bit keys https://bugs.eclipse.org/bugs/show_bug.cgi?id=404714
I also had issues, because my privatekey was 2048, but I added a new key to authorized hosts and then I could connect.
I added my local computer's ~/.ssh/id_rsa.pub to the remote /home/ec2-user/.ssh/authorized_keys.
Then just set the user to connect in RSE to ec2-user when connecting.
Someone asked for root login. It works too: update /root/.ssh/authorized_keys, and edit /etc/ssh/sshd_config to allow root login:
#PermitRootLogin forced-commands-only
PubkeyAuthentication yes
Then reload the sshd daemon: service sshd restart

Problems using teamcity command line to perform ssh remote login

I was wondering if anyone has tried using teamcity's command line builder to perform ssh remote login.
Right now, I would like to automate some testing on a QNX neutrino OS which is currently unsupported by teamcity. As a work around, I setup a ssh server on the target qnx machine so i could ssh and sftp the executables in.
Firstly, the source are compiled on Windows XP using qnx's compiler (based on g++). Followed by sftp-ing the executables into qnx neutrino.
Next, using ssh, script the login to remotely start the test apps and send the results back to the remote agent for publishing.
The batch script I created works well standalone, however, after hooking it up on the remote agent, it fails to login ssh and hangs indefinitely at the following command:
ssh -l "./.sh"
Notes:
I have added the remote agent's RSA public key in the QNX .ssh/authorized keys file, automatic login is working.
Is there a need to add the teamcity server's RSA public key in too?
Anyone has any idea on this problem?
I had a few weird problems with key-based SSH logins on QNX related to file permissions for the keys in .ssh. and permissions of parent folders (/home/username and /root).
Add
LogLevel DEBUG3
to /etc/openssh/sshd_config, make sure syslog is configured and is logging sshd output, restart sshd and try again - it will most likely complain about something.
Also, ssh -l "./.sh" makes no sense - -l is used to specify the user name, something is off there.