SSH connection
I installed a new ESX 3.5 server and also installed a new instance that is running on RHEL 5.0.
I'm unable to connect my instance via SSH from my ESX Server is also not able to mount any sharing of ESX pending.
Hello
I installed a new ESX 3.5 server and also installed a new instance that is running on RHEL 5.0.
Not sure I can analyze this. You have installed ESX 3.5 and then installed a VM with RHEL5?
I'm unable to connect my instance via SSH from my ESX Server is also not able to mount any sharing of ESX pending.
Are you trying to SSH from ESX or ESX? Is the 'Instance' a NFS server or something else?
To activate ssh into ESX service:
Create an administrative user and ssh for this user, and then use sudo/su - to get root access. Direct root access is denied.
To enable ssh on ESX to use:
esxcfg-firewall -e sshClient
Could you explain exactly what you're trying to do.
Best regards
Edward L. Haletky
VMware communities user moderator
====
Author of the book "VMWare ESX Server in the enterprise: planning and securing virtualization servers, Copyright 2008 Pearson Education.»
Blue gears and SearchVMware Pro Articles: http://www.astroarch.com/wiki/index.php/Blog_Roll
Security Virtualization top of page links: http://www.astroarch.com/wiki/index.php/Top_Virtualization_Security_Links
Tags: VMware
Similar Questions
-
Hello world!
I had a GS752TS switch and I want to manage it remotely using SSH.
But I can't find information on the SSH connection.
I use Putty and it cannot connect. I also looked for the switch configuration: maintenance-online troubleshooting, but I can't find option diagnosis remotely.
Is it possible to manage this remote switch and if so, how?
Thanks for your response!
Hi Ahiro
Welcome to the community!
You can't manage a Smart Switch managed using SSH or command line. Instead, a smart switch is managed Web interface (GUI) through HTTP used.
Command-line (CLI) and Telnet/SSH are one of the differences between Smart switches and managed fully managed.
If you need SSH on Putty, you should take a look at our excellent series M4100, profitable L2 + fully autonomous here managed switches:
http://www.NETGEAR.com/managed
Kind regards
-
Hello
I have a Cisco 1721 I configured to allow SSH connections in the Internet router on port 2922. For some reason, the SSH connection randomly gets abandoned, most of the time in the middle of typing a command. I don't think it is related to the length of time that I have in the router because I can't rest, usually more than 4 minutes. Any kind of help would be appreciated.
Thank you
Brandon
Hello.. I have my doubts about your static NAT configurations... If you change the access list applied to the ethernet0 (102) and allow ssh (port 22) you can ssh on port 22 of the router E0 IP address Outside... ? .. If the connection is stable and you can then your static NAT might be the cause of the problem.
I hope this helps... Please, write it down if that is the case!
-
Why is the SSH connection default for AMS on the market of the amsadmin AWS?
We don't want default password on AWS authentication, we want key authentication. Why you guys don't force auth password?
Adobe Media Server 5 scope on the market of the AWS
AMS on AWS insists to reset the password for the first ssh connection is made. Once the password is reset, the session disconnects automatically for security reasons and subsequently, he need only key authentication.
-
Cann't open web access, ssh connection between host and bridged the VM in network mode
I have a VMware workstartion 7.0 is installed on a machine XP 64 (192.168.2.44). I have the following virtual machines.
1 ESX 4.0 (192.168.2.42)
2 ESX 3.5 (192.168.2.38)
3. windows server 2003 with vCenter installed. (192.168.2.100)
4. Windows server 2003 with the roles of DNS and DC. (192.168.2.101)
I am trying to connect to vCenter or ESX VM of the XP hosting web interface. However I can't get through. but I can ping and I can also telnet to ports 443, 80. Even I can't ssh connection. When I use putty, it is actually connected but no response from the ssh server. Looks like the network connection is there, somehow the server process responds simply not properly once the connection is established.
BTW, all of them use bridged network, they all 192.168.2.x IPs. I can connect to vCenter, ESX web interface from another computer without problem.
Just wonder if anyone else has experienced this before. I have tried to search the forum, did not find a similar question.
Thank you!
Tong
Your host, try to disable (temporarily) a "discharge" for the NIC settings.
http://KB.VMware.com/kb/1015940
If this solves the problem, other threads on this issue have mentioned that a fix for this will be included in the next version of the 'point' of Workstation 7 (as 7.1, etc).
-
I'm trying to find a way to automate the commands to send a series of switches (about 20) showing some configs and save the output to a file. The way I was trying to do was using plink and creation of a batch of files for her.
Essentially, it would be something similar to the following.
ECHO
for /f % in (devices.txt) plink % l word of PAST of USERNAME-pw-v - m C:\Batch\commands.txt > output.txt
To split the above command, looking for my ips in the devices.txt and made a "plink pw - username PASSWORD - v IP-l m - COMMANDS > OUTPUT" for each. The problem, I'm running is that the switches do not accept logins, they constantly ask for the user and the password again. Even when you try to put them in the commands.txt he will not accept the entry. I googled using plink with dell switches but there is nothing to talk about this problem.
So my question is, is it possible to automate this sort of thing in a batch file? Or some way to automate a series of commands to a switch via SSH? I'm just not wan't do manually connect to each of them, carry out my orders, out, reconnect and repeat. I did it on cisco switches so I thought the process would be similar but I don't understand what obstacle I'm running in here. Ideally, I'd like to see how to do this via SSH but at this point, I am ready to accept almost any alternative (secure) to automate the sending of orders for my switches.
I hope that all makes sense.
Sorry, I haven't used before plink, so I'm not sure what to change to get this to work. In the past, there was another Member of the community who has been able to use expect to establish connections to switches and save configs.
It may be somewhat more than installation, but you can be able to make it work for your needs.
Let us know
-
R710 IDRAC6 series via ssh: connect com2 returns COMMAND NOT RECOGNIZED
Hello
I configured successfully on ssh several times serial console redirection on different dell servers, but now I'm stuck with two R710s.
The problem
I can't use the connect command:
/Admin1-> connect com2
cmdstat
status: 2
status_tag: PROCESSING COMMAND FAILED
error: 253
error_tag: COMMAND NOT RECOGNIZEDConfiguration
Version
BIOS is 6.1.0, cli version output is:
/Admin1-> version
CLP SM Version: 1.0.2
SM ME treat Version: 1.0.0bI have configured the redirection as before:
BIOS
Communication series On with the Console via COM2 Redirection
Address of the Serial Port Device1 Serial = COM1, Serial Device2 = COM2 Connector external series Remote access equipment Failsafe baud rate 115200 Remote Terminal type VT100/VT220 Redirection after boot People with disabilities iDRAC
/Admin1/system1/SP1-> racadm config-g cfgSerial o cfgSerialBaudRate 115200
Value of the object successfully changed
/Admin1/system1/SP1-> racadm config-g cfgSerial o cfgSerialConsoleEnable 1
Value of the object successfully changed
/Admin1/system1/SP1-> racadm config-g cfgSerial o cfgSerialSshEnable 1
Value of the object successfully changed
/Admin1/system1/SP1-> racadm config-g cfgSerial o cfgSerialHistorySize 2000
Value of the object successfully changedThe command is now console, not connect.
And that's exactly what is said in the docs - it's just that I had not noticed the change and read 'connect', where 'console' was written.
A big thanks to Lars Handrick Support Dell Germany for reporting the change of command name for me.
-
Hello
I configured to connect to the outside using ssh ver 1/2 on the SAA. but I can't connect using SecureCRT and PuTTY ssh client software...
In addition, I have tred to connect outside the witch ASA router ssh command.
but the result is the same...
Here is the configuration on SAA.
I would like to know why I can't connect external interface of the ASA.
ASA Version 7.1 (2)
!
hostname ASA 5540
cisco.com-domain name
enable password xxxx
names of
!
interface GigabitEthernet0/0
Description * Outside *.
nameif outside
security-level 0
IP 192.168.200.2 255.255.255.0
!
interface GigabitEthernet0/1
Description * inside *.
nameif inside
security-level 100
192.168.100.2 IP address 255.255.255.0
!
interface GigabitEthernet0/2
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
Description * management only *.
nameif management
security-level 0
IP 192.168.250.2 255.255.255.0
management only
!
passwd xxxx
boot system Disk0: / asa712 - k8.bin
passive FTP mode
DNS server-group DefaultDNS
cisco.com-domain name
permit same-security-traffic inter-interface
pager lines 24
Enable logging
logging of debug asdm
Debugging trace record
Outside 1500 MTU
Within 1500 MTU
MTU 1500 management
no failover
ASDM image disk0: / asdm512.bin
don't allow no asdm history
ARP timeout 14400
Route outside 0.0.0.0 0.0.0.0 192.168.200.1 1
Route inside 172.16.0.0 255.255.0.0 192.168.100.1 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00
Timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
Timeout, uauth 0:05:00 absolute
xxxx xxxx password username
privilege 15
xxxx xxxx privilege 15 password username
Enable http server
http 0.0.0.0 0.0.0.0 outdoors
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 management
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Telnet 0.0.0.0 0.0.0.0 inside
Telnet 0.0.0.0 0.0.0.0 management
Telnet timeout 5
SSH 0.0.0.0 0.0.0.0 outdoors
SSH timeout 60
Console timeout 0
access to administration management
!
class-map inspection_default
match default-inspection-traffic
!
!
Policy-map global_policy
class inspection_default
inspect the dns-length maximum 512
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the netbios
inspect the rsh
inspect the rtsp
inspect the skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect the tftp
inspect the sip
inspect xdmcp
!
global service-policy global_policy
des-sha1 encryption SSL rc4 - md5
Cryptochecksum:xxxx
: end
]
Router #ssh-l cisco - c of the 192.168.200.2.
Password:
% Authentication failed.
[Connection to 192.168.200.2 closed by foreign host]
Router #.
You must specify the authentication method.
the ssh LOCAL console AAA authentication
for example.
SSH x.x.x.x x.x.x. inside | for increased security outside
Hope this helps,
THX
Jay
-
GANYMEDE + failing during the web connection, succeeding the SSH connection.
I have a Ganymede server + configured (tac_plus, freeware). I have one point of access configured to use Ganymede + local as default authentication method. Name of user and password works fine at the guests of SSH/vty, Console connection. However, it fails when you try to access the web interface. When you try to access the ip point http://[access] / he asks a login:
The server [ap ip] request your username and password. The server reports that it is Level_15_access.
If I put in my credentails Ganymede, the authentication prompt appears again.
If I add ip http authentication aaa - authentication of [name of the authentication list] connection, it allows access. I was under the impression that I would not need to add this if RADIUS is configured as the default authentication method.
Current config:
aaa new-model ! ! aaa authentication login default group tacacs+ local aaa authentication login TACAL group tacacs+ local aaa authorization exec default group tacacs+ local aaa authorization commands 15 default group tacacs+ local aaa accounting commands 15 default start-stop group tacacs+ aaa session-id common
tacacs-server host [tacacs+ server IP] key 7 [password] tacacs-server directed-request
ip http server ip http authentication aaa login-authentication TACAL ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag !
It's been a while since I've done AAA on the part of a switch HTTP. However, looking at my notes I used only:
ip http authentication aaa
Basically, without specifying the method. Give that a try and let me know if it works. If it does not do a debugging on Ganymede authentications and after the output here.
Thank you for evaluating useful messages!
-
in PIX with SSH connection issues
Hello
I have a PIX 506 running OS 6.2 (2) which is located in a demilitarized zone known as the PIX from the outside. It's behind an another PIX506 (PIX inside). The two PIX have Ganymede + configured for authentication of the connection.
Last week the outdoor PIX crushed physically and I replaced it with a spare PIX part and he completely reconfigured.
Now I can't connect to this outside PIX using SSH, despite the list of access inside PIX is correct and can SSH and Ganymede +. However, I can telnet to it.
I use Putty to connect and when I start the session SSH from the PIX, the login window appears and disappears immediately without having the time to do anything myself.
Any help would be greatly appreciated. Thanks in advance.
A.G.
##################################################
Inside PIX config:
access-list inside allow TCP Company-Interior-Net 255.255.255.0 host outsidepix-Interior-interface eq ssh
list Company-Interior-Net 255.255.255.0 access inside permit tcp host eq telnet interface-inside-outsidepix
access-list inside allow the ICMP messages to echo DMZNet 255.255.255.192 Company-Interior-Net 255.255.255.0
access-list inside allow Company-Interior-Net icmp 255.255.255.0 DMZNet 255.255.255.192 - response to echo
dmzacl list of access allowed icmp echo host outsidepix-Interior-interface company-Interior-Net 255.255.255.0
dmzacl list of access allowed icmp host outsidepix-Interior-interface company-Interior-Net 255.255.255.0 - response to echo
access-list permits dmzacl tcp host outsidepix-Interior-interface host Ganymede-server1 eq Ganymede
access-list permits dmzacl tcp host outsidepix-Interior-interface host Ganymede-server2 eq Ganymede
The outdoor PIX config:
GANYMEDE + Protocol Ganymede + AAA-server
AAA-server GANYMEDE + (inside) host Ganymede-server1 1234 timeout 10
AAA-server GANYMEDE + (inside) host Ganymede-server2 1234 timeout 10
RADIUS Protocol RADIUS AAA server
AAA-server local LOCAL Protocol
Console telnet authentication GANYMEDE AAA +.
the AAA console ssh GANYMEDE authentication +.
AAA authentication enable console GANYMEDE +.
Telnet Company-Interior-Net 255.255.255.0 inside
Telnet timeout 5
SSH-company-Interior-Net 255.255.255.0 inside
SSH DMZNet 255.255.255.192 inside
SSH timeout 5
did you follow the steps to configure ssh? the domain name and host name is defined on it? CA has generated you any rsa... to create the encryption keys?
-
Password and the default SSH connection
If I set up a Pix 6.2 running someone for you to connect via ssh, which is the password and login?
default user name is pix
There is no default password that you define to the command
passwd yourpassword
Try this document for more details
http://www.CiscoPress.com/articles/article.asp?p=25342&seqNum=3&RL=1
M.
Hope that helps, rate, if
-
How activate/connect with SSH?
For Beta3 release notes say is a new feature ' secure connection: you can now connect to the Tablet using Secure Shell (SSH) and download files from your application using SCP and SFTP.
The simulator of listening on port 22 (the SSH standard) or any other port for SSH connections, with or without active development mode does not have a vanilla installation.
I found the blackberry connect program in the SDK bin folder and tried this after creating a RSA2 key:
c:\>blackberry-connect -targetHost 192.168.7.172 -devicePassword x PROGRESS: Connecting to target 192.168.7.172:4455 PROGRESS: Authenticating with target 192.168.7.172:4455 PROGRESS: Encryption parameters verified PROGRESS: Authenticating with target credentials. PROGRESS: Successfully authenticated with target credentials. PROGRESS: Sending ssh key to target 192.168.7.172:4455 Connection refused: Invalid ssh key contents. The target actively refused the connection. Please ensure that qconnDoor is running on the target. PROGRESS: Unable to send ssh key to target
The fichier.ssh/id_rsa.pub is generated as a SSH-1 using PuttyGen key. I also tried a file SSH-2 RSA with the same results.
The fact that he said that he "succesfully authenticated" it suggests successfully connected... probably using port 443 (https) the way I guess that deploy blackberry is. However, after that he seems to say my key is not valid (not sure, I believe that), but also actively target "connection refused" (I think that... qconn is not listening on port 8000 or another).
Any who have knowledge of this area, or wild guess I can try?
OK, I am able to connect through SSH. It's a little complicated at the moment but I'll simplify and post a recipe as soon as I can.
For anyone technical enough to follow with minimal intervention:
- I generated a 4096-bit RSA key using 'ssh-keygen - b 4096' on a Linux machine, recording in the format 'test_rsa' and 'test_rsa.pub '.
- I transferred those to my Windows box.
- I called "blackberry-connect targetHost - PCMGM - devicePassword x - test_rsa.pub sshPublicKey."
This operation transfers the public key in the device by connecting through qconn (port 4455) using unknown protocols. The output looks like this:
PROGRESS: Connecting to target 192.168.7.172:4455 PROGRESS: Authenticating with target 192.168.7.172:4455 PROGRESS: Encryption parameters verified PROGRESS: Authenticating with target credentials. PROGRESS: Successfully authenticated with target credentials. PROGRESS: Sending ssh key to target 192.168.7.172:4455 PROGRESS: ssh key successfully transfered. PROGRESS: Succesfully Connected
Blackberry connect program continues to run, and as long as it is running at this point the Simulator will be listening for SSH connections on port 22.
At this point, I had to take the test_rsa (the private key) file and import it into Puttygen using Conversions-> import menu button. Save the private key, and load the key in the pageant.
Finally, normally connect using PuTTY at the address PCMGM and sign in as "devuser". This was discovered by looking in the /accounts folder using a primitive file browser application, where I found two subfolders, 1000 / and devuser.
-
is it possible to connect with SSH from router to router?
is it possible to connect with SSH (1.0 or 2.0) to a CISCO-router/Switch to another CISCO-router/Switch?
I think that an SSH connection to a router/switch is no longer possible to a women (Windows/Linux/Unix)
is it not?
I don't know if Cisco Compatible SSH 2.0, but there IOS - s that support ssh 1.0 and you can connect with ssh 1.0 from a cisco device (if it supports) to any device with
Router # ssh?
Select encryption algorithm - c
-l Log in using that username
options to specify o
p connect to this port
Address WORD IP or hostname of a remote system
Router # ssh x.x.x.x
-
The Help window is NOT so useful. I use windows 7. In SQL DEV 4.0, I was able to connect to an instance of cloud without start Putty and the implementation of tunneling.
View > SSH
Create a SSH Host
In the connection dialog box, set your SSH connection type
Select your SSH host from the dropdown list control of tunnel on the connection properties
The aid is in beta, all as the product
-
[INS-06006] Connectivity SSH without password do not put in place between the following nodes.
Hello
I'm currently building the cluster by RAC 11 GR 2. I try to install Oracle Grid Infrastructure Oracle Linux 6.4 (x86_64bit) machine - node1.abc.com.
I'm at the stage of the "Cluster Node Information" where I have to provide me with the list of nodes to be managed by the Oracle grid Infrastructure. Currently I have added just me - node1.abc.com with the name of the virtual IP address - node1 - vip.abc.com. The two host name and virtual IP addresses are registered on the DNS server - it is also installed on node 1. Before adding the second node2.abc.com, I was testing SSH connection but it fails. I clicked the [SSH_Connectivity...] button and in the OS Username (grid) and his password. When I press the [Setup] button, it pops up message successful "Able to establish connectivity SSH without password between selected nodes." But when I click on the [Test] button or the [next] button, I get error - ' connectivity [INS-06006] SSH without password, do not put in place between the following nodes: [node 1].» What is the problem and what exactly to do to avoid this error?
Thank you
It was because I assigned a real static IP address for the second NIC eth1. With this affected YES wouldn't let you go to the next screen. So I had to remove NIC out of my laptop. But if eth1 is not resolved by the DNS name it also gives you errors. So I guess a correct functioning is I would sign up eth0 and eth1 to the DNS server but eth1 does not have real IP. Then I could go to the next screen.
Maybe you are looking for
-
Parameters of authorized Add-ons downloads list of unregistered websites.
Under Subject: preferences #security, you can choose which sites can download the modules that you need to enable it through the Exceptions button to warn me when Sites try to install add-ons The default values are; Marketplace.Firefox.com and addons
-
When I'm in the Manager of the ad - ons and I click on 'check to see if my plugins are up to date' I am bound to the list of plugins that they are sent immediately to a java download page. I uninstalled java because of the ongoing security issues
-
I have a master HDCAM with stereo mix 29.97i & I try to scan the band to 7 FCP 23.98 p, but have audio drift on the capture. The system that I use has a Kona card & I can choose the conversion cross without any problem. The image looks fine in a numb
-
I need to know how I can activate my soundcards validation when it keeps telling me it is invalid
-
I'm having a lot of problems with the Win7 homegroup feature that requires IPv6. I have an access point attached to the 4000 with three laptops connected through this and a wired desktop computer connected directly to the 4000. Residential group seem