MaxStartups (OpenSSH)
Feb 18, 2008
I'm not sure if I have understood this option. As far as I know, it means that by default only 10 unauthenticated connections are allowed. So I wonder whether, if someone is using brute-force software with proxies, they can easily overload this limit and in this way prevent me from connecting to SSH, so that I could not log in to my own server?
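An added example, not part of the original post and not OpenSSH's own code: a small Python model of how the documented `MaxStartups` forms (a single number, or `start:rate:full` for random early drop) translate into the chance that sshd refuses a new unauthenticated connection. The function names and the sample specs at the bottom are constructed for illustration.

```python
# Simplified model of the documented sshd_config MaxStartups behaviour.
# Not OpenSSH source; function names are hypothetical.

def parse_max_startups(spec):
    """Parse 'N' or 'start:rate:full' into a (start, rate, full) tuple."""
    try:
        nums = [int(p) for p in spec.strip().split(":")]
    except ValueError:
        raise ValueError(f"non-numeric MaxStartups spec: {spec!r}")
    if len(nums) == 1:
        # Single value: a hard limit with no random early drop.
        start, rate, full = nums[0], 100, nums[0]
    elif len(nums) == 3:
        start, rate, full = nums
    else:
        raise ValueError(f"expected N or start:rate:full, got {spec!r}")
    if start > full or not 1 <= rate <= 100:
        raise ValueError(f"illegal MaxStartups spec: {spec!r}")
    return start, rate, full


def drop_percent(pending, spec):
    """Percent chance a new connection is refused while `pending`
    unauthenticated connections are already open."""
    start, rate, full = parse_max_startups(spec)
    if pending < start:
        return 0            # below 'start': always accepted
    if pending >= full or rate == 100:
        return 100          # at or above 'full': always refused
    # Between start and full the refusal chance rises linearly from rate to 100.
    return rate + (100 - rate) * (pending - start) // (full - start)


def drop_table(spec, counts):
    """Return [(pending, percent), ...] for a quick side-by-side comparison."""
    return [(n, drop_percent(n, spec)) for n in counts]


if __name__ == "__main__":
    counts = [5, 9, 10, 30, 55, 99, 100]          # constructed sample loads
    for spec in ("10", "10:30:100"):              # constructed sample specs
        print(f"MaxStartups {spec}")
        for pending, pct in drop_table(spec, counts):
            print(f"  {pending:3d} pending -> {pct:3d}% refused")
```

Connections that authenticate, or that are closed when `LoginGraceTime` expires, stop counting toward the pending total.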
Aug 1, 2008
I'm having difficulty setting up tunneling, and I was hoping someone might have some insight. My current setup works just fine if the starting computer is not located behind its own proxy. But I cannot get the connection to work from a corporate LAN, which will be necessary when I'm on premises and need to get out. I've been switching to Verizon wifi when I need various ports, but this is a bad solution due to speed.
So, I have OpenSSH set up on the computer in my home office. It's set up on port 443, and it uses my main login user and pass to accept connections. I have a .bat file that triggers the following command in PuTTY when I run it:
putty -D 8080 -P 443 -ssh xx.xxx.xxx.xxx
The connection works just fine. I can log in, see my computer structure, list directories, manipulate files, etc. Wonderful.
I have a browser set up to connect using SOCKS5. Over my wifi (with no corporate firewall), this works great. When I check my IP at www.ipchicken.com (my personal fave), it gives me my home office IP, just like it should. However, when I switch to corporate LAN, the connection to my PC remains active, but I cannot tunnel out past that point. The corporate LAN is using ISA Server (WINP - 8080).
I've read a couple tutorials on how to get the corporate proxy to play nice with OpenSSH, but I can't seem to get it to work, no matter what I try. Is there something big I'm missing here? What more info can I post to help get me to the right answer?
Jul 3, 2009
Note: I thought I posted this yesterday; either I forgot to hit submit or a mod deleted it for some reason. If mods don't want this thread up, lemme know.
I have heard this from a reliable source. There was a recent, pretty big site that got hacked; they had a forensic specialist come in and recover the partitions and such. There is like 500 MB of logs and such related to the hack, and I have some info on it. It all started at OpenSSH, not a password login either. The hacker was able to exploit SSH and get in without even showing up as a system user somehow.
As far as getting the exploit and the exact strings used, it was not possible, as it is encrypted SSH traffic. If someone really knows how to decrypt or read that, then I can get you the logs.
Anyway, one of the staff of the site that got hacked had his personal server hacked with the same method; after he upgraded to the latest version of SSH they weren't able to get back in.
So there is definitely an SSH 0day; the current CentOS/RHEL SSH versions are all vulnerable. To be on the safe side, I advise everyone to upgrade via source or a newer package if you can find one.
One easy way to do it is using the update script from the DirectAdmin forums - [url]
It will work on cPanel servers or any other server as well; it is not control panel related. I successfully upgraded mine.
In yum.conf you need to add *SSH* to the excludes so it doesn't get overwritten with yum update.
I guess I would consider this still a rumor as far as public opinion goes, but from what I have seen and heard from various people it is true. It doesn't hurt anything to upgrade, so why not, to be on the safe side?
If anyone else has any info on this, post on it.