If you have a slow SSH connection to a server with the following message :
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
Make sure that the server you try to reach has a well-configured reverse DNS. Then, you can desactivate GSSAPI authentication by adding the following line to your ssh client configuration file :
fool@localhost:~$echo “GSSAPIAuthentication no” >> $HOME/.ssh/config
You should be able to connect to your server through SSH quicker.
In order not to type your passphrase everytime you connect to a server using ssh, put the code below in your own bashrc file :
SSHAGENT=/usr/bin/ssh-agent
SSHAGENTARGS=”-s”
if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; then
eval `$SSHAGENT $SSHAGENTARGS`
trap “kill $SSH_AGENT_PID” 0
fi
Then reload your shell configuration by issuing the following command : source .bashrc
You will be asked to type once your passphrase and that’s it ! If you use keys-based authentication, do not forget to copy your public key to the servers you often connect to with the utility ssh-copy-id! ssh-agent will be very useful for you !
In order to make the connections to several servers through SSH easier, I use public/private keys-based authentication.
Cygwin provides all the basic tools related to SSH : ssh client, ssh-keygen, ssh-copy-id, ssh-add and ssh-agent.
Once I created my DSA keys with a passphrase, I sent my public key to all the involved servers with the ssh-copy-id utility. So, each time I connect to a server, I only have to type my passphrase. It is possible to avoid it by using ssh-agent.
To start it : exec ssh-agent /usr/bin/bash
If you do not use exec, you will get the following error message :
Could not open a connection to your authentication agent
To add your DSA identity to your authentication agent : ssh-add ~/.ssh/id_dsa
Type your passphrase once and then, you will not need to type it anymore. You will be able to connect to servers where you have uploaded your public key.
This solution works only for your current xterm. If you open a new xterm session, you will have to type your passphrase.
While trying to do some SSH tunneling, here is the error I got :
channel 3: open failed: administratively prohibited: open failed
To avoid this kind of error, have a look at the SSH daemon configuration file :
/etc/ssh/sshd_config
Add possibly the following line :
root@remote-server:~# echo “PermitTunnel yes” >> /etc/ssh/sshd_config
Then, restart your sshd server :
root@remote-server:~# service ssh restart
or
root@remote-server:~# /etc/init.d/ssh restart
You may encounter this message while connecting to a remote server through ssh.
Generally, you also have these lines :
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
To prevent from having this error again, there are solutions :
1) Edit the following line ~/.ssh/known_hosts and remove the line containing the hostname of the remote server in question.
2) Sometime, the file ~/.ssh/known_hosts may be hashed. To regenerate the key properly,as a non-root user, please type the following command :
fool@localhost:~$ ssh-keygen -R hostname
