Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi all, I have installed Ubuntu 18.04 and seems I lost my SSH config from 16.04 server. I was messing around with /etc/ssh/ssh_config thought I backed it up, well I guess I didnt.. Does anyone know where I can get a default config as I have altered and lost the default Ciphers and MACs?
This is all my list contains and I know it was much longer before I altered it.
Thank you for the code I wasn’t aware that I could see the defaults via the man page as I’m still learning. Yes, I am aware this is for clients. I had to alter it as my rancid clogin would always default to spawn these old values. I have now found a way that I can tell the clogin file which oiphers to use and hope it works. Reason I discovered it no longer works I tried to ssh from this server to another server which would return and error of non-matching cipher values. I hope adding the default new ones in and then telling the clogin to use the called out value everything is happy and works.... if not I may return for additional help.
Thank you but my host file would be very large and hard to maintain as it would be over 700 devices as the company I work for is a nation wide Corp and we use rancid as backup server and use it to do various other number of tasks.
Quote:
Originally Posted by Turbocapitalist
Ok, but you can apply per-host configurations in the ssh_config file.
Thank you but my host file would be very large and hard to maintain as it would be over 700 devices as the company I work for is a nation wide Corp and we use rancid as backup server and use it to do various other number of tasks.
If there is a way to group them, you can use patterns in the Host directive. Or else the ssh_config file could be generated from lists by a shell script or perl script. That would make the connections to the new machines more secure.
If there is a way to group them, you can use patterns in the Host directive. Or else the ssh_config file could be generated from lists by a shell script or perl script. That would make the connections to the new machines more secure.
So say all my host start as uerxx.sitename.DNS are you saying I can group them all into a "catch-all" for this to work?
So say all my host start as uerxx.sitename.DNS are you saying I can group them all into a "catch-all" for this to work?
Yes, though the * at the bottom is the catch-all for everything. See "man ssh_config" and scroll down to the section titled "PATTERNS"
The rules go into the ssh_config file in order from specific to general. So the first stanza applies to a particular machine, the second to a pattern of names, the third to a less specific set of names, the fourth more general still and the last to every connection:
Again, the rules are set first-match. So if Ciphers are set by one rule that applies another subsequent rule will not override that even if it matches and contains Ciphers again.
Yes, though the * at the bottom is the catch-all for everything. See "man ssh_config" and scroll down to the section titled "PATTERNS"
The rules go into the ssh_config file in order from specific to general. So the first stanza applies to a particular machine, the second to a pattern of names, the third to a less specific set of names, the fourth more general still and the last to every connection:
Again, the rules are set first-match. So if Ciphers are set by one rule that applies another subsequent rule will not override that even if it matches and contains Ciphers again.
Thanks for the help everyone ended up doing the following after to restoring the config file to defaults in my rancid clogin.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.