Go to advanced search

by tpyo kingg
Fri Sep 20, 2019 5:07 pm
Forum: General discussion
Topic: posting or replies blocked [SOLVED]
Replies: 13
Views: 256

Re: posting or replies blocked [SOLVED]

I was blocked also this afternoon. In that case it looked like including the full system path to the SSH daemon's configuration file inside a comment triggered the false positive. Cloudflare is undesirable, IMHO.
by tpyo kingg
Fri Sep 20, 2019 1:15 pm
Forum: Beginners
Topic: Sftp with no ssh shell
Replies: 2
Views: 80

Re: Sftp with no ssh shell

If you are looking to make the machine SFTP-only and prohibit interactive shell access, look at the ForceCommand directive in sshd_config and set it to internal-sftp . If you want it only for some accounts, see also the Match directive and match it to a group. The details can be found in the manual ...
by tpyo kingg
Tue Sep 17, 2019 12:04 pm
Forum: The MagPi
Topic: MagPi 85, Build Your Own NAS
Replies: 3
Views: 188

Re: MagPi 85, Build Your Own NAS

Maybe some one here will try it? Here are my sparse notes from last autumn on that. It's easy enough to figure out from the official documentation though. get FreeBSD 12 for the Raspberry Pi: ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/arm64/aarch64/ISO-IMAGES/12.0/ optional # pkg install tmux plug...
by tpyo kingg
Tue Sep 17, 2019 9:37 am
Forum: The MagPi
Topic: MagPi 85, Build Your Own NAS
Replies: 3
Views: 188

MagPi 85, Build Your Own NAS

I greatly enjoyed PJ Evans' article on pages 48 - 51, "Build your own NAS". Setting up a NAS was one of the first long term activities I had used a Raspberry Pi for and with much the same methods as outlined in the article. I still have a RPi 3 running as a NAS, though with a very different arrangem...
by tpyo kingg
Mon Sep 16, 2019 5:21 am
Forum: Beginners
Topic: Trying to SSH into my RPI from the internet
Replies: 3
Views: 121

Re: Trying to SSH into my RPI from the internet

The way to access VNC is to tunnel it via SSH. It's not safe to leave exposed.

So connect from the outside to your Raspberry Pi via your router with SSH to make a tunnel. Then connect your VNC client to the local end of that tunnel.
by tpyo kingg
Sun Sep 15, 2019 5:32 am
Forum: Beginners
Topic: Trying to SSH into my RPI from the internet
Replies: 3
Views: 121

Re: Trying to SSH into my RPI from the internet

By the way, before connecting to the net, be sure that the password has been changed for the default account 'pi' Then, which tutorial did you follow? In general, for SSH and SFTP you need to forward from whatever external port you choose on your router to port 22 on the Raspberry Pi. The specifics ...
by tpyo kingg
Sat Sep 14, 2019 3:59 pm
Forum: Beginners
Topic: How to auto ssh port forward on boot
Replies: 9
Views: 159

Re: How to auto ssh port forward on boot

Vipul_Pinto wrote:
Sat Sep 14, 2019 3:38 pm
Can you give an example for it
Please describe in more detail how you are connecting when you connect manually.

Have you made a key or not? When do you type in the passphrase for the key or the password for the connection?
by tpyo kingg
Sat Sep 14, 2019 3:04 pm
Forum: Beginners
Topic: How to auto ssh port forward on boot
Replies: 9
Views: 159

Re: How to auto ssh port forward on boot

Are you using a key for authentication? If so you need to specify it within rc.local, too, using the -i option.
by tpyo kingg
Tue Sep 10, 2019 7:08 am
Forum: General discussion
Topic: run several pis from desktop
Replies: 14
Views: 356

Re: run several pis from desktop

ssh for CLI, VNC for Desktop. Or in the middle you can use the -X option with SSH to run individual graphical applications from the remote machine and have them displayed on the local desktop. Speed will depend a lot on network latency and the results won't necessarily be fast but it will work from...
by tpyo kingg
Mon Sep 09, 2019 7:01 am
Forum: Networking and servers
Topic: Reverse Remote Ssh Tunnel
Replies: 12
Views: 316

Re: Reverse Remote Ssh Tunnel

What are you planning to proxy and from where to where? Squid is a caching proxy for HTTP and HTTPS, nothing to do with SSH.

A reverse tunnel to the Raspberry Pi via the VPS would only be useful if you don't have direct access to the Pi and wish to log in and use a shell.
by tpyo kingg
Sun Sep 08, 2019 12:44 pm
Forum: Networking and servers
Topic: Reverse Remote Ssh Tunnel
Replies: 12
Views: 316

Re: Reverse Remote Ssh Tunnel

Can you please explain your intended use of Squid?
by tpyo kingg
Sun Sep 08, 2019 8:56 am
Forum: Networking and servers
Topic: Reverse Remote Ssh Tunnel
Replies: 12
Views: 316

Re: Reverse Remote Ssh Tunnel

With that setting, the VPS (which is on the receiving end of the SSH connection from the RPi) will have a tunnel entrance on port 2223 leading to port 22 on the RPi. Squid is for HTTP not SSH. It not so clear how Squid is supposed to fit into the picture. Perhaps you can describe or diagram your set...
by tpyo kingg
Sun Sep 08, 2019 4:45 am
Forum: Networking and servers
Topic: Reverse Remote Ssh Tunnel
Replies: 12
Views: 316

Re: Reverse Remote Ssh Tunnel

Then try a different port for the reverse tunnel from the Raspberry Pi to avoid the conflict: ssh -N -R 2223:localhost:22 -l serverUser vps.example.com Then that will not interfere with Squid. You'd connect to port 2223 on the VPS to get to the Raspberry Pi. Or you could connect from the outside to ...
by tpyo kingg
Sat Sep 07, 2019 4:50 pm
Forum: Networking and servers
Topic: Reverse Remote Ssh Tunnel
Replies: 12
Views: 316

Re: Reverse Remote Ssh Tunnel

The reverse tunnel shouldn't be made as root. Most systems use the OpenSSH defaults which are to deny password authentication for the root account. So you could type the password like that all day and it still would not let you in. Use a normal account on the remote machine instead, or even an accou...
by tpyo kingg
Thu Sep 05, 2019 1:18 pm
Forum: Other
Topic: [Kali] Can't SSH my rpi4 headlessly
Replies: 3
Views: 180

Re: Can't SSH my rpi4 headlessly

All the tools in Kali can be added to Buster, for those that are not in the default installation. That will save you countless wasted hours. Save hours of headache, install Buster, and then add the tools you want.
by tpyo kingg
Mon Sep 02, 2019 7:08 am
Forum: General discussion
Topic: Raspberry Pi Security
Replies: 27
Views: 1014

Re: Raspberry Pi Security

Any Pi on public Internet will probably have ssh enabled for remote access. In that case the 1st thing to do is disable password based login. This and lots of good tips here https://securitytrails.com/blog/mitigating-ssh-based-attacks-top-15-best-security-practices Yes, disabling password-based aut...
by tpyo kingg
Sun Sep 01, 2019 5:51 am
Forum: Troubleshooting
Topic: node-* installed out of nowhere?
Replies: 4
Views: 209

Re: node-* installed out of nowhere?

Thanks. I was suspecting that it had snuck in through the raspbian-buster-full image but could not find any release notes mentioning that.
by tpyo kingg
Sun Sep 01, 2019 5:50 am
Forum: General discussion
Topic: Raspberry Pi Security
Replies: 27
Views: 1014

Re: Raspberry Pi Security

There are good cases available which leave the microSD card inaccessible from the outside. If you want to see if a case has been opened, a lazy way is to paint the screws with some fancy nail polish. However, that just means they have to buy some of the same nail polish to cover over entry. But depe...
by tpyo kingg
Sat Aug 31, 2019 4:39 pm
Forum: Troubleshooting
Topic: node-* installed out of nowhere?
Replies: 4
Views: 209

node-* installed out of nowhere?

I did a system update today and was surprised to see that a lot of NodeJS packages came along uninvited. Where would they have come from if I have not requested them? Nothing in the bash_history for either root or pi. The last use of APT in either bash_history or /var/log/apt/history.log show only w...
by tpyo kingg
Sat Aug 31, 2019 2:57 pm
Forum: General discussion
Topic: Raspberry Pi Security
Replies: 27
Views: 1014

Re: Raspberry Pi Security

I'm assuming the pi will outlive the SD card by several factors, so this is probably not the best plan, but using epoxy to secure the SD is probably going to be my plan. There are decent cases which require dealing with screws to access the microSD card. If it may be asked, what types of service(s)...
by tpyo kingg
Sat Aug 31, 2019 10:57 am
Forum: General discussion
Topic: Raspberry Pi Security
Replies: 27
Views: 1014

Re: Raspberry Pi Security

mattg31 wrote:
Sat Aug 31, 2019 10:39 am
... will make it secure.
It depends on the context. Again, what do you wish to defend against?
by tpyo kingg
Sat Aug 31, 2019 5:30 am
Forum: General discussion
Topic: Raspberry Pi Security
Replies: 27
Views: 1014

Re: Raspberry Pi Security

If the raspberry pi is connected to customers wifi (assuming it is secure itself), ... Wi-fi should always be considered compromised. However, that's not always a big deal. Since it is rather hard to defend against all things all the time, generic checklists usually fall short. Perhaps you can desc...
by tpyo kingg
Thu Aug 29, 2019 12:22 pm
Forum: Beginners
Topic: I cannot SSH my pi anymore
Replies: 20
Views: 544

Re: I cannot SSH my pi anymore

But I can go for a reinstall. So I'll get the new Buster instead Stretch ! The problem is always reinstalling all other needed software and configure everything. That's a lot of work each new install ! Depending on what you have installed, it can be rather easy to back up and restore. You can get a...
by tpyo kingg
Wed Aug 28, 2019 4:18 pm
Forum: Beginners
Topic: I cannot SSH my pi anymore
Replies: 20
Views: 544

Re: I cannot SSH my pi anymore

Can you check the configuration file?

Code: Select all

sudo /usr/sbin/sshd -T | sort
If that gives an error, then look in /etc/ssh/sshd_config. If not, then the problem is elsewhere.

Go to advanced search