Tag

SSH Archives - AWS Managed Services by Anchor

SSH ControlMaster: The Good, The Bad, The Ugly

By | Technical | 6 Comments

Do you love SSH for the good it has done for mankind, but get annoyed by how long it takes to establish a connection over a high-latency connection? Perhaps you have a process that needs to make thousands of SSH connections, and you’d like a little extra speed from the whole thing. Either way, ControlMaster is your new best friend. The concept is very simple — rather than each new SSH connection to a particular server opening up a new TCP connection, you instead multiplex all of your SSH connections down one TCP connection. The authentication only happens once, when the TCP connection is opened, and thereafter all your extra SSH sessions are sent down that connection. If you’re SSHing between machines on the same LAN, or otherwise a short…

Read More

ERROR: SSH agent has too many keys

By | Technical | No Comments

Unfortunately, SSH doesn’t produce this error, although it darn well should… I just had a Github customer report that they couldn’t access their repos via SSH, despite it all working properly yesterday, and “not having changed anything”. A bit of debug logging and an inspired leap of intuition on the part of another sysadmin in the office, and the answer was quickly found. First off, the symptoms: Debug logging showed that the user was connecting successfully, presenting six SSH keys (none of which were the key of interest) before disconnecting; The SSH key was in the user’s SSH agent (you can verify this with a quick ssh-add -l); There were more than six keys in the SSH agent This last symptom is the key point. As an anti-brute-force measure (I…

Read More

Securing your codez from the wily exploit injectors

By | Technical | One Comment

Remember the good old days, when Melissa and ILOVEYOU were the major virus threats, spreading via e-mail and causing all sorts of embarrassing conversations at work? Or maybe even earlier than that, when the only way you could get a virus was by engaging in risky sex? (I mean Software EXchange, of course… get your mind out of the gutter) These days, anti-virus protection for e-mail is fairly thorough, and nobody’s really swapping floppies full of 16 colour games at recess. Malware authors have moved on to new and more fertile ground — embedding their junk in web pages, and relying on browser exploits to gain access to computers. Of course, with this method, you can only get infected if you actually visit a page that has an infestation, so…

Read More

A great Windows FTP & SFTP Client

By | Technical | No Comments

A question I get asked reasonably often is “Do you know any good free FTP programs?” Yes, I do. It is WinSCP. Some of the cool features are: It does what it is designed to do and does it excellently. SFTP, SCP & FTP support (ditch FTP and use SFTP!) I’ve never seen it crash. Transfer resuming on broken and cancelled downloads. Supports SSH keys, so you do not need to remember another password. Scripting support; schedule your own remote backups or have sane website rollout procedures! The WinSCP site describes it as “WinSCP is an open source SFTP client and FTP client for Windows. Its main function is the secure file transfer between a local and a remote computer. Beyond this, WinSCP offers basic file manager functionality. It uses…

Read More