I have Perl script which is doing ssh and sftp on remote server,i am getting error while running the script. Error says You are trying to access a restricted zone. Only Authorized users allowed.
How is it possible to ignore these messages while doing ssh or sftp from Perl program?
my $ssh = Net::SSH::Perl ->new($remote_host,options ==> ["BatchMode yes"], protocol ==>2);
$ssh->login($remote_user, $remote_password)
$sftp = Net::SFTP::Foreign->new($remote_host, user=>$remote_user,password =>$remote_password)
./HcSGSN.pl You are trying to access a restricted zone. Only Authorized Users allowed.
Manually ssh and sftp
$ ssh pocsoc#<ip> You are trying to access a restricted zone. Only Authorized Users allowed. pocsoc#<ip> password:
sftp pocsoc#<ip> Connecting to 10.210.9.17... You are trying to access a restricted zone. Only Authorized Users allowed. pocsoc#<ip> password
You cannot just ignore these messages. These messages means that you need to provide username and password while doing ssh or sftp and also those username and password which are authorized to access the server. When you start providing them you will get access otherwise no access.
Related
I am trying to connect by FTP to an Azure Web App. I downloaded the publish profile and copied the login to my FTP client and can connect successfully. But when i use ftp.exe from Windows then i am not able to connect to the same host with the same credentials.
I have read Connecting to Azure website via FTP but those solutions do not fix my problem.
This is the output:
C:\Projects>ftp
ftp> open waws-prod-am2-201.ftp.azurewebsites.windows.net
Connected to waws-prod-am2-201.drip.azurewebsites.windows.net.
220 Microsoft FTP
Service 200 OPTS UTF8 command successful - UTF8 encoding now ON.
User (waws-prod-am2-201.drip.azurewebsites.windows.net:(none)): firstserver\$firstserver
331 Password required
Password:
530 User cannot log in.
Login failed.
Invalid command.
Also tried with username firstserver from the Windows command prompt, no difference. Do not forget: when logging in via commercial FTP client software I CAN login successfully.
I tried backslashing the backslash and/or the dollar sign, but nothing helps. What is going wrong, how do i login from the command prompt using the Windows default ftp.exe?
If you run ftp in debug mode (-d switch), you will see that it truncates the password to 32 characters. That's why the connection fails.
Try using a shorter password. Otherwise you will have to use another command-line FTP client.
I downloaded ejabberd for Windows, and during the setup process created the admin name and password. I'm attempting to access the admin control panel (localhost:5280/admin), and am attempting to login with the username (admin#MyServer) and password, but each time it just asks me to log in again. The server is running too, so I'm not sure what I'm doing wrong.
ejabberd 16.09 will be released shortly and will include that fix.
Ref: Here.
for now start ejabberd with this command ejabberdctl live and see the log when you try to login.
if it says in-existed account than you have to download xmpp client software from here.
After Installing this creat the admin account from this client after you have does this you will be successful is logging in the admin control.
Settings for Pidgin:
Add:
1. Protocol : xmpp
2. Username : admin
3. Domain : MyServer
4. Password : asyouwant
Advance:
1. Connect Server : localhost
donot forget to check the create this account on the server checkbox.
I used admin#nabin-pc instead of admin#NABIN-PC and got logged in successfully.
I explain my problem:
I used backuppc for remote some database on an other server and for saving my data I used rsync which uses ssh. On my remote server I put the ssh key of backuppc and it worked.
But I wanted to secure this connexion, so I used rrsync (a perl script for restrict the access), for a "read-only" access with copy.
So now, in the remote server I have in root/ssh/authorized_keys
command="/usr/local/bin/rrsync -ro /" ssh-rsa
But when I try to connect I have this message:
/usr/local/bin/rrsync: Not invoked via sshd
It's a message from the perl script, but I don't know what it means or what can I do for this to work.
As far as I can tell, this message appears when you try to access the server with the restricted key without using rsync. It may be possible to edit the script to allow other programs, but I'm not skilled enough to attempt that.
I'm using terminal, I want to delete ssh keys from and old user (old_username) and set a new one (new_username). I have done as is in this tutorial.
When I run: ssh -T git#github.com I get the correct message:
`Hi new_username! You've successfully authenticated'.
But when I try to push a repository I get denied:
remote: Permission to new_username/test2.git denied to old_username.
fatal: unable to access 'https://github.com/new_username/test2/': The requested URL returned error: 403
I've tried deleting .ssh folder and setting again ssh, but the problem persists.
Using an https url means your ssh connection is not used. At all.
Try switching to ssh:
git clone git#github.com:new_username/test2
That will actually use your ssh credentials, meaning your public and private keys stored in ~/.shh/id_rsa(.pub).
If on Linux or OSX, check a file called ~/.netrc, which contains username/password information that most apps will use when connecting to remote servers. Yes, it even affects git via the https protocol. If you're using a frontend to connect to github, you probably need to clear its preferences so it stops trying to use the old username.
I read this from a posting in the Windows SysInternals forum.
The HKCU - hive key current user - will point to that user's hive key who authenticated on the remote machine with the help of psexec. It will not point to the user's hive key who has logged on interactively to the machine's desktop, unless both accounts happen to be identical.
I am facing the same problem with trying to push the signer and cert associated with a self signed certificate to the HKEY_CURRENT_USER/Software/Microsoft/SystemCertificates/Root/Certificates folder in the Windows registry for the user signed onto the remote machine.
If the userid and password used with PsExec are the same as the user currently logged onto the remote machine everything works fine. The PKCU registry entries get added as expected.
Since we can't ask each end-user for their AD password I am trying to sort out how I can get this to work when both accounts aren't identical. I have a Windows service account that has admin rights on all the PCs in the domain I am trying to push the cert and signer out to. If I use that account with psexec the registry entries do not get added for the user logged onto the remote PC.
Is there any way I can I write to HKEY_CURRENT_USER using psexec when both accounts aren't identical? That is, when the account used with the psexec command is not the account that is currently logged onto the remote PC.
example:
User remoteuser is logged onto the remote PC on which we want to install the cert entry into the HKCU hive but we use a different user/account with psexec. We do this because we don't know the AD passwords for all the remote users we want to update the HKCU hive for.
That would be a serious security issue.
In this example we use the psexecuser account to start the psexec service on the remote PC that the AD user remoteuser is logged onto.
C:\psexec #C:\remoteUserPCList.txt -u ourdomain\psexecuser -p psececuserpassword -d -c -f C:\InstallSSLCertinHKCU.bat
The HKCU registry entries do not get added for the remoteuser account on the remote PC.
Any fixes that would work with psexec would be a great help. I suspect we could use AD GPO but I am hopeful that there is some trick out there that can be used with PsExec.
regards
psexec can't impersonate the logged-on user. But you don't need to push a self-signed certificate to the user's profile on the remote machine, you can push it to the computer account instead, and you can even do that with group policy.