Wetofu

Ssh - Error Remote Host Identification

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
af:65:98:55:c0:bd:a3:a7:20:f6:8d:d2:3f:c8:0a:0b.
Please contact your system administrator.
Add correct host key in /home/onno/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/onno/.ssh/known_hosts:13
remove with: ssh-keygen -f "/home/onno/.ssh/known_hosts" -R 192.168.0.100
ECDSA host key for 192.168.0.100 has changed and you have requested strict checking.
Host key verification failed.

maka perlu

rm -Rf ~/.ssh/known_hosts
ssh user@mesinserver

Automatic Login

Sumber:

• http://wp.uberdose.com/2006/10/16/ssh-automatic-login/
• https://lms.onnocenter.or.id/wiki/index.php/Ssh_-_automatic_login

public ssh key, cek pastikan ada file id_dsa.pub

~/.ssh

kalau belum ada id_dsa.pub di ~/.ssh lakukan

chmod 700 ~/.ssh
ssh-keygen -t dsa
ssh-keygen -t rsa

copykan ke remote server

scp ~/.ssh/id_dsa.pub remoteuser@remoteserver.com:
scp ~/.ssh/id_rsa.pub remoteuser@remoteserver.com:

di remote server append content public key id_dsa.pub ke ~/.ssh/authorized_keys dan delete file id_dsa.pub

cat id_dsa.pub >> .ssh/authorized_keys
cat id_rsa.pub >> .ssh/authorized_keys

Atau sekaligus lakukan dengan cara

ssh -l remoteuser remoteserver.com 'mkdir .ssh'
ssh -l remoteuser remoteserver.com 'touch ~/.ssh/authorized_keys'
cat ~/.ssh/id_dsa.pub | ssh -l remoteuser remoteserver.com 'cat >> ~/.ssh/authorized_keys'

jangan lupa delete id_dsa.pub dari home directory di remote server

selanjutnya kita dapat login tanpa di tanyakan password

ssh -l remoteuser remoteserver.com
ssh remoteuser@remoteserver.com

Alternatif Lain

The whole process is much easier if you just use:

ssh-copy-id [-i [identity_file]] [user@]machine

jadi

ssh-keygen -t dsa
ssh-keygen -t rsa
ssh-copy-id user@machine

Menjalankan perintah secara remote

contoh

ssh user1@server1 command1
ssh user1@server1 'command2'
ssh user1@server1 'command1 | command2'

ssh user1@server1 date
ssh user1@server1 'df -H'
ssh root@nas01 uname -mrs
ssh root@nas01 lsb_release -a

ssh -t user@server "time sudo /home/user/script.sh"

Dimana

-t   - memberikan akses terminal jika script menanyakan password
sudo - supaya bisa di jalankan sebagai su

Copy id_dsa.pub & id_rsa.pub

Pastikan id_dsa.pub atau id_rsa.pub di copy ke remote server,

ssh -l remoteuser remoteserver.com 'mkdir .ssh'
ssh -l remoteuser remoteserver.com 'touch ~/.ssh/authorized_keys'
cat ~/.ssh/id_dsa.pub | ssh -l remoteuser remoteserver.com 'cat >> ~/.ssh/authorized_keys'

Remote Display X Forwarding

Kadang kita ingin remote login dan me-remote layar (GUI) komputer yang kita remote.

Cek Cookies X di Komputer Kita

Di komputer kita ketik

xauth list $DISPLAY 

akan keluar seperti

500GB/unix:  MIT-MAGIC-COOKIE-1  beddb032e9dc14f86999994ec044b5f0
#ffff#3530304742#:  MIT-MAGIC-COOKIE-1  beddb032e9dc14f86999994ec044b5f0

Remote Ke Komputer yang ingin di remote. Menggunakan

ssh user@mesinyangingindiremote

Selanjutnya tambahkan di mesin remote menggunakan perintah

touch .Xauthority
xauth add 500GB/unix:0  MIT-MAGIC-COOKIE-1  beddb032e9dc14f86999994ec044b5f0

Ini akan menambahkan data pada .Xauthority.

Logout dari mesin yang ingin diremote.

Remote Menggunakan X

dan masuk lagi sekarang menggunakan perintah

ssh -X user@mesinyangingindiremote