SSH tricks

[ Monday, 3 July 2006, michuk ]


SSH (secure shell) is a program enabling secure access to remote filesystems. Not everyone is aware of other powerful SSH capabilities, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH! In this article we’ll cover these features and much more.

Author: Borys Musielak

SSH works in a client-server mode. It means that there must be an SSH daemon running on the server we want to connect to from our workstation. The SSH server is usually installed by default in modern Linux distributions. The server is started with a command like /etc/init.d/ssh start. It uses the communication port 22 by default, so if we have an active firewall, the port needs to be opened. After installing and starting the SSH server, we should be able to access it remotely. A simple command to log in as user1 to the remote_server (identified by a domain name or an IP address) looks like this:

ssh user1@remote_server

After entering the password to access the remote machine, a changed command prompt should appear, looking similar to user1@remote_server:~$. If this is the case, it means that the login was successful and we’re working in a remote server environment now. Any command we run from this point on, will be executed on the remote server, with the rights of the user we logged in with.

SCP – secure file copying

SCP is an integral part of the OpenSSH package. It is a simple command allowing to copy any file or folder to or from a remote machine using the SSH protocol. The SSH+SCP duo is a great replacement of the non-secure FTP protocol which is widely used by the Internet users nowadays. Not everyone is aware of the fact though, that all the passwords sent while using the FTP protocol are transferred over the network in a plain text format (making it dead easy for crackers to take over) – SCP is a much more reliable alternative. The simplest usage of SCP looks like on the following example:

scp file.txt user1@remote_server:~/

This will copy the local file.txt to the remote server and put it in the home folder of user1. Instead of ~/, a different path can be supplied, i.e. /tmp, /home/public, and any other path we have write access to.

In order to copy a file from a remote server to the local computer, we can use another SCP syntax:

scp user1@remote_server:~/file.txt .

This will copy a file file.txt located in a home folder of user user1 of a remote system to the local folder (the one we are currently in).

Other interesting SCP options:

  • -r – to copy folders recursively (including subfolders),
  • -P port – to use a non-standard port (the default is 22) – of course this option should be used if the server listens on a non-standard port. The option can be helpful when connecting from a firewall-protected network. Setting the SSH server to listen on 443 port (used for secure HTTP connections) is the best way to by-pass the administrator’s restrictions.

GUIs for SCP

If we do not like the console and we prefer GUI (graphical user interface), we can use a graphical (or pseudo-graphical) SCP client. Midnight Commander is one of the programs that provides an SCP client (option shell link). Nautilus and Konqueror are the SCP-capable file managers as well. Entering ssh://user1@remote_server:~/ in the URI field results in a secure shell connection to the remote system. The files can be then copied just as they were available locally.
In the MS Windows environment, we have a great app called WinSCP. The interface of this program looks very much like Total Commander. By the way, there is a plug-in allowing for SCP connections from TC as well.

SSH without passwords – generating keys

Entering passwords upon every SSH connection can be annoying. On the other hand, unprotected remote connection is a huge security risk. The solution to this problem is authorization using the private-public key-pair.

The pair of keys is usually generated using the ssh-keygen command. Below, there is a sample effect of such key generation. RSA or DSA keys can be used.

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key 
(/home/user1/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in 
/home/user1/.ssh/id_rsa.
Your public key has been saved in 
/home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx

When the program asks for the key password, we should just press ENTER – this way, a passwordless key will be created. Remember that this is always a security hole to have a passwordless key (in simple words, doing that downgrades your remote system security to the security of your local system) so do it on your own risk. As the ssh-keygen finishes its work, you can see that two keys have been generated. The private key landed in /home/user1/.ssh/id_rsa and we should never make this public. The second public key appeared in /home/user1/.ssh/id_rsa.pub and this is the one we can show the entire world.

Now, if we want to access a remote system from our local computer without passwords (only using the keys), we have to add the information about our public key to the authorized_keys file located in ~/.ssh folder on the remote system. This can be done using the following commands:

Remote SSH login
Pic 1. Passwordless SSH login

$ scp /home/user1/.ssh/id_rsa.pub \\
user1@remote_server:~/
$ ssh user1@remote_server
$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys

The third command will be obviously executed on a remote server. After this operation, all actions performed on the remote server with SSH will not need any password whatsoever. This will certainly make our work easier.

Notice that if you need passwordless access from the remote server to the local one, the similar procedure has to be performed from the remote server. Authorization using keys is a one-way process. The private key can verify the public one, not vice-versa.

Executing commands on a remote system

Well, now when we can already log into remote OS without the password, why wouldn’t we want to execute some command remotely? There can be multiple useful appliances of this, especially when we have to execute some command on a daily basis, and it could not be automated before, because of the need to enter the password manually (or enter it as plain text which is not very secure).

One interesting case is a “remote alert”. Let’s say that we have some crucial process running on the remote system, i.e. a website running on Apache server. We want be be warned when the system gets out of resources (i.e. the disk space is getting short or the system load is too high). We could obviously send an e-mail in such cases. But additionally, we can execute a remote command which plays a warning sound on our local OS! The code for such event would look something like that:

ssh user1@local_server 'play \\
/usr/share/sounds/gaim/arrive.wav'

This command, executed in a script from the remote server would cause a passwordless login of user1 to the local_server (the one we’re usually working on) and play a wave file with the play command (which is usually available in Linux). The actual case in which we execute this remote command should obviously be specified in a script, but we’re not going to provide a scripting course here, but a way to execute remote commands with passwordless SSH :) .

X11 forwarding – running graphical apps remotely

One of the least known functions of SSH is X protocol forwarding. This enables us to run almost every X application remotely! It’s enough to connect to the remote server using the -X option:

ssh -X user1@remote_serwer

and the display of every X application executed from now on will be forwarded to our local X server. We can configure the X11 Forwarding permanently by editing the /etc/ssh/ssh_config file (relevant option is ForwardX11 yes). Of course for the option to work, the remote SSH server needs to support X11 forwarding as well. The /etc/ssh/sshd_config file is responsible for that. This option is however configured by default in most of the Linux distros.

If we just need to execute one single command, we can use the syntax we learned before:

ssh -X user1@remote_serwer 'psi'

- this will execute PSI instant messenger on the remote server, passing the display to the local screen.

Of course the speed of applications executed remotely depends mostly on the network connection speed. It works almost flawlessly in local networks (even things like forwarding Totem playing a DivX movie). In case of Internet connection, a DSL seems reasonable to get apps like Skype or Thunderbird work quite well with a remote call.

Notice that it’s also possible to connect to the remote server without the X11 forwarding enabled, export the DISPLAY variable to point to the local machine and then run the X application. This way, the application would be executed with a remote display, using the generic X server functionality. SSH security would not be applied in such case since this kind of configuration has nothing to do with SSH. Depending on the configuration of the local X server, it may be that the authorization of the remote X applications needs to be turned on in such case. This is usually done by the command xhost. For example, xhost + hostname accepts all the remote applications from the specified hostname for a while. If we plan to use this option regularly, a more secure X server configuration is recommended.

SSHFS – mounting a remote folder

Working on a file located on some remote server via SSH can be quite annoying especially when we need often copy different files in both directions. Using a the fish:// protocol in Midnight Commander or Konqueror is a partly solution – fish tends to be much slower than pure SSH and it often slows down even more while copying files. The ideal solution would be a possibility to mount a remote resource available through SSH only. The good news is that… this option exists for a while already, thanks to sshfs and the fuse project.

Fuse is a kernel module (recently it has been adopted in the official 2.6 series) allowing for mounting different filesystems by an unprivileged user. SSHFS is a program created by the author of fuse himself which enables to mount remote folders/filesystems using SSH. The idea is very simple – a remote SSH folder is mounted as a local folder in the filesystem. Since then, almost all operations on this folder work exactly as if this was a normal local folder. The difference is that the files are silently transferred though SSH in the background.

Installing fuse and sshfs in Ubuntu is as easy as entering (as root):

# apt-get install sshfs

The only remaining action is adding the user that we want to give the permission to mount SSH folders to the fuse group (using a command like usermod -G -a fuse user1 or manually editing the /etc/group file). Eventually, the fuse module needs to be loaded:

# modprobe fuse

And then, after logging in, we can try to mount a remote folder using sshfs:

mkdir ~/remote_folder
sshfs user1@remote_server:/tmp ~/remote_folder

The command above will cause the folder /tmp on the remote server to be mounted as ~/remote_folder on the local machine. Copying any file to this folder will result in transparent copying over the network using SCP. Same concerns direct file editing, creating or removing.

When we’re done working with the remote filesystem, we can unmount the remote folder by issuing:

fusermount -u ~/remote_folder

If we work on this folder on a daily basis, it is wise to add it to the /etc/fstab table. This way is can be automatically mounted upon system boot or mounted manually (if noauto option is chosen) without the need to specify the remote location each time. Here is a sample entry in the table:

sshfs#user1@remote_server:/tmp \\ 
/home/user1/remote_folder/ fuse    defaults,auto    0 0

If we want to use fuse and sshfs regularly, we need to edit the /etc/modules file adding the fuse entry. In other case we would have to load the module manually each time we want to use it.

Summary

As you can see, SSH is a powerful remote access tool. If we need to work with remote UNIX filesystems often, it’s really worth to learn a few powerful features of SSH and use them in practice. SSH can really make your daily work much more effective and pleasant at the same time. In the following article (to be published later this month) we’re going to cover another great feature of SSH: making different kinds of tunnels with port forwarding using transparent socks and a corkscrew


Warning: include_once(/sites/polishlinux.org/wp-content/themes/jakilinuxorg/google_article_inside.php): failed to open stream: No such file or directory in /sites/polishlinux.org/wp-content/themes/jakilinuxorg/single.php on line 48

Warning: include_once(): Failed opening '/sites/polishlinux.org/wp-content/themes/jakilinuxorg/google_article_inside.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /sites/polishlinux.org/wp-content/themes/jakilinuxorg/single.php on line 48

Subscribe to RSS feed for this article! | Trackback URI

181 Comments

fold this thread dgilmore  Wednesday, 5 July 2006 o godz. 8:50 am #  Add karma Subtract karma  +2

Hey, nice job & in plain english! only thing that might have been cool was some more on port forwarding.

(Comments wont nest below this level)
 
fold this thread pixelbeat  Wednesday, 5 July 2006 o godz. 11:16 am #  Add karma Subtract karma  --1

You need ssh -Y not ssh -X for X forwarding.
-X just breaks things in obscure ways.

(Comments wont nest below this level)
 
fold this thread pat gardner  Wednesday, 5 July 2006 o godz. 11:38 am #  Add karma Subtract karma  --2

Well written and concise article. One thing though regarding the use of ‘xhost +’ – without any arguments this enables X access from anywhere. Better to use ‘xhost + hostname’ to only enable access to the X server from one client.

(Comments wont nest below this level)
 
fold this thread mj_quark  Wednesday, 5 July 2006 o godz. 11:47 am #  Add karma Subtract karma  +4

Another great way of using ssh is to use standard UNIX pipes to send content from one server to another. I once needed to tar some stuff on one server with very little disk space and then send the content to another server. This is how I did that

tar cvf – . | gzip -2 | ssh -l username server_name “cd /tmp; cat > temp.tar.gz”

Now I end up with a /tmp/temp.tar.gz on server_name

(Comments wont nest below this level)
 
fold this thread Snakey’s WeBlog » Blog Archive » SSH tricks  Wednesday, 5 July 2006 o godz. 11:49 am #  Add karma Subtract karma  +3

[...] read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread ckin2001  Wednesday, 5 July 2006 o godz. 12:37 pm #  Add karma Subtract karma  +1

Small typo – most ssh daemons are named sshd :p

(Comments wont nest below this level)
 
fold this thread michuk  Wednesday, 5 July 2006 o godz. 12:48 pm #  Add karma Subtract karma  +0

ckin2001: not in Debian/Ubuntu :)

(Comments wont nest below this level)
 
fold this thread disaffected  Wednesday, 5 July 2006 o godz. 12:55 pm #  Add karma Subtract karma  +2

Ungh. ssh-keygen with no password is asking for trouble. Never do this at work. A more secure way to use passwordless logins is through the ssh-agent. (use “eval `ssh-agent`; ssh-add” ) Keychain makes this somewhat painless and can be stashed in your .xinitrc. Also xhost + disables access control on your local X server, allowing anyone with inbound access to tcp/6000 to snoop your keystrokes. Also very bad form – never do this at work.

(Comments wont nest below this level)
 
fold this thread Secret Black Book of IceFuzion » Blog Archive » SSH tricks  Wednesday, 5 July 2006 o godz. 2:13 pm #  Add karma Subtract karma  --2

[...] read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread Careto  Wednesday, 5 July 2006 o godz. 2:15 pm #  Add karma Subtract karma  +2

Very good article. I’m going only to suggest the use of a windows X server like Xmanager (eval) so you could remote execute apps on a windows system.

Then on the remote side (in a ssh session) you would do something like:

export DISPLAY=your.windows.ip.address:0.0

and just run (almost) any graphical application:

xterm

Other thing you haven’t mentioned is the port forwarding.

ssh -l username@some.remote.ip.address -L 10000:local.ip.remote.lan:3389

This would connect to some.remote.ip.address that would create a tunnel on Terminal services port (3389) between your localhost and a machine (local.ip.remote.lan) behind some.remote.ip.address.

Then you would just connect with a terminal services client to “localhost:10000″.

Cheers

(Comments wont nest below this level)
 
fold this thread niol  Wednesday, 5 July 2006 o godz. 2:26 pm #  Add karma Subtract karma  +0

To send the public key to the remote machine, you can use the ssh-copy-id command which is cleaner than scp + cat.

I don’t understand why one would need to use the xhost command as the X client appears to be on the local machine from the X server’s point of view (because the X client is tunneled through the ssh client).

Nice summary though.

(Comments wont nest below this level)
 
fold this thread ldopa.net » archive » not-so-stupid ssh tricks  Wednesday, 5 July 2006 o godz. 2:51 pm #  Add karma Subtract karma  +0

[...] Excellent overview of SSH (secure shell) and SCP (secure copy) here — even if you’re a seasoned terminal jock, I suspect you’d pick up a tip or two here. The one thing I’d add to this article is that in addition to Midnight Commander and WinSCP, Cyberduck is quite an excellent SCP client as well. [...]

(Comments wont nest below this level)
 
fold this thread AlbanyWiFi.com » Blog Archive » SSH tricks  Wednesday, 5 July 2006 o godz. 3:03 pm #  Add karma Subtract karma  --1

[...] read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread soad  Wednesday, 5 July 2006 o godz. 3:29 pm #  Add karma Subtract karma  --1

you really missed out port forwarding, especially dynamic
need a socks proxy? ssh yourhost -D1080 and you have a socks5 on localhost:1080 :)

(Comments wont nest below this level)
 
fold this thread michuk  Wednesday, 5 July 2006 o godz. 4:00 pm #  Add karma Subtract karma  +1

you really missed out port forwarding

I missed it or maybe it’s you who missed something:
“In the following article (to be published later this month) we’re going to cover another great feature of SSH: making different kinds of tunnels with port forwarding using transparent socks and a corkscrew” :P

(Comments wont nest below this level)
 
fold this thread Ionline » Blog Archive » SSH tricks - jakilinux.org  Wednesday, 5 July 2006 o godz. 4:16 pm #  Add karma Subtract karma  +1

[...] SSH (secure shell) is a program enabling secure access to remote filesystems. Not everyone is aware of other powerful SSH capabilities, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH! In this article we’ll cover these features and much more. LINK: jakilinux.org – english version » SSH tricks   [link] [...]

(Comments wont nest below this level)
 
fold this thread ferg  Wednesday, 5 July 2006 o godz. 5:04 pm #  Add karma Subtract karma  +0

Another typo, the “ssh-keygen” program prompts for passphrase which you refer to as password in the text.

Nice summary though.

(Comments wont nest below this level)
 
fold this thread Anand  Wednesday, 5 July 2006 o godz. 5:34 pm #  Add karma Subtract karma  +1

Very nice list of “tricks”. I don’t know if it’s considered a “trick” but SFTP is pretty nice too. Basically FTP but over an SSH connection. Windows has a great open source GUI SFTP client in FileZilla.

X11 over SSH is very useful. It makes it easy to get remote X11 apps working without dealing with trying to configure the firewalls on both ends correctly.

(Comments wont nest below this level)
 
fold this thread SSH tricks at kaosphere.com  Wednesday, 5 July 2006 o godz. 7:26 pm #  Add karma Subtract karma  +0

[...] read more | digg story Search [...]

(Comments wont nest below this level)
 
fold this thread Ivan Minic  Wednesday, 5 July 2006 o godz. 8:09 pm #  Add karma Subtract karma  +1

Thanks for these tips :D

(Comments wont nest below this level)
 
fold this thread web design uk  Wednesday, 5 July 2006 o godz. 10:30 pm #  Add karma Subtract karma  +0

Ah I love that secure file copying method. Keep up the great work

(Comments wont nest below this level)
 
fold this thread thedave  Wednesday, 5 July 2006 o godz. 11:35 pm #  Add karma Subtract karma  +1

In one of the comments above, dissaffected said:
“Ungh. ssh-keygen with no password is asking for trouble. ever do this at work.”

That is simply not true. Passwordless private keys are just as secure as keys with passwords (and maybe more so).

The difference is that if someone gains access to your passwordless private key, they have access to anything that key can access. It’s just like a super-secure house key. Virtually impossible to ‘pick’, but easy to use if they have access to the key.

This means that your passwordless private key (id_rsa or id_dsa) should reside on your USB key, and stay with you at all times. It should never be left on a computer that has public access. It should be treated like a safety deposit box key.

Some security analysts are coming to the conclusion that passwordless private keys may be MORE secure than passworded keys. The primary method of gaining access to a system is by password guessing, password observing or social engineering. Most users are not particularly effective at creating passwords (easily guessed), or protecting password entry (password observing). But, most adults have learned to physically protect their car keys, house keys and office ID badges. It’s a concept that is intrinsic. By installing passwordless keys on a token, you allow the user to protect the security of that token, using means that they already understand well.

Now, for the record, if a proffessional gets access to your password protected private key, it’s a fairly simple matter of computational brute force to find a matching password. So, even password protected private keys should be protected on a token.

(Comments wont nest below this level)
fold this thread Derek  Saturday, 21 July 2007 o godz. 7:04 pm #  Add karma Subtract karma  +1

Uh. No. A passwordless RSA/DSA key is by design less secure than one with a password. You still protect the physical security of your private key, but you have an added factor involved.

Your comment about if a “proffessional” getting access to your private key is mistaken as well. A sufficiently long passphrase is statistically highly improbably to be broken until better processing power that can brute through more easily comes along. Even if they have the computational power (say, a distributed network of desktops amongst the entire planet) to do so, that’s not a ‘fairly simple matter’.

So to summarize, use a private key with a significant length, like 2048 bits, a password of at least 15 characters containing both cases of letters, numbers, and non-alphanumeric characters with a minimum of dictionary-searchable phrases, and protect the physical security of your private key using aforementioned methods, such as USB keys attached to your person. Go a few further and research those nifty RSA keychains.

Don’t just assume you know what security is and how to be secure. Actually read up on it instead of taking comments on blogs for granted.

 
fold this thread Georgi Alexandrov  Sunday, 22 July 2007 o godz. 10:51 am #  Add karma Subtract karma  +0

“Now, for the record, if a proffessional gets access to your password protected private key, it’s a fairly simple matter of computational brute force to find a matching password. So, even password protected private keys should be protected on a token.”

That’s so not true. First of all it’s passphrase and not password (http://en.wikipedia.org/wiki/Passphrase). And private key protected by strong passphrase will always be better approach than just private key without passphrase.

 
 
fold this thread Limited-Exposure » Archives » SSH For Me and You  Thursday, 6 July 2006 o godz. 3:26 am #  Add karma Subtract karma  +0

[...] SSH Tricks  [...]

(Comments wont nest below this level)
 
fold this thread links for 2006-07-06 | Musings by Steve Miller  Thursday, 6 July 2006 o godz. 6:17 am #  Add karma Subtract karma  +0

[...] jakilinux.org – english version » SSH tricks (tags: ssh linux tutorial tips security utilities networking) [...]

(Comments wont nest below this level)
 
fold this thread copha.net » Blog Archive » Usando ssh con estilo  Thursday, 6 July 2006 o godz. 7:23 am #  Add karma Subtract karma  +0
(Comments wont nest below this level)
 
fold this thread nana  Thursday, 6 July 2006 o godz. 9:32 am #  Add karma Subtract karma  +0

thedave, what you say does not make sense!

If a person is stupid enough to have an easy to break passphrase, I agree it doesn’t help much, but I for sure take my ssh-keys very seriously and have long (at least 16 characters) difficult (doesn’t make sense for others, looks like random characters) passphrase. Together with ssh-agent I get the same benefits as everybody else. I only use passphrase-less keys in scripts, and then I make a separate key and puts restrictions on the public key on which commands I can execute with it and from where (ip) I can connect using it. I know this makes it more secure, and brute forcing my key will take *a long time*, and within then I hopefully have noticed that I’ve been hacked and remove the public keys from where they are. You say “Passwordless private keys are just as secure as keys with passwords (and maybe more so).”, but then you assume the user is a novice – which only makes me believe /you/ are a novice. If used correct, using passphrases makes it /a lot/ more secure than without. I frankly don’t trust all the administrators and other privileged users on the servers I use, and they have a lot easier task to retrieve my key-file than using it – which contains the amount of damage they can do.

To a different point; When using sftp I believe only the authentication is secure, and afterwards all the files are transferred unencrypted. Using scp (and ssh) all of the transaction is encrypted. What you choose to use should depend on the files you wish to transfer, time (scp may use longer time due to the encryption), and if you have the oportunity to use keys or not.

(Comments wont nest below this level)
 
fold this thread Akson  Thursday, 6 July 2006 o godz. 10:18 am #  Add karma Subtract karma  +0

Nice Windows SSH/SFTP/SCP package is PuTTY:

http://www.chiark.greenend.org.uk/~sgtatham/putty/

(Comments wont nest below this level)
 
fold this thread gloomy  Thursday, 6 July 2006 o godz. 10:28 am #  Add karma Subtract karma  +0

Nice article. People should get rid of telnet/ftp forever and use SSH/SFTP as a standart.

(Comments wont nest below this level)
 
fold this thread colabus  Thursday, 6 July 2006 o godz. 1:59 pm #  Add karma Subtract karma  +0

Nice article bud.

glommy: FTP will be around for a while yet, it’s still one of the more dominant protocols.

(Comments wont nest below this level)
 
fold this thread shabo blog » Blog Archive » SSH tricks  Thursday, 6 July 2006 o godz. 4:07 pm #  Add karma Subtract karma  +0

[...] The article describes in a human language some of the powerful, yet very useful (even for total newbies) capabilities of OpenSSH, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH.read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread mik  Thursday, 6 July 2006 o godz. 6:53 pm #  Add karma Subtract karma  +0

Good job!
Very informative and well written.
This is the first time a read about X forwarding using ssh.
Thanx

(Comments wont nest below this level)
 
fold this thread Tdot  Thursday, 6 July 2006 o godz. 10:46 pm #  Add karma Subtract karma  +0

Nice article. If you are in charge of security for the SSH server I highly recommend to block brute force attacks with the DenyHosts script. Details at http://tdot.blog-city.com/securing_ssh_with_denyhosts.htm

(Comments wont nest below this level)
 
fold this thread zean.no-ip.info » SSH Tricks  Friday, 7 July 2006 o godz. 12:44 am #  Add karma Subtract karma  +0

[...] SSH is a program enabling secure access to remote filesystems. Not everyone is aware of other powerful SSH capabilities, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH! In this article we’ll cover these features and much more.   [...]

(Comments wont nest below this level)
 
fold this thread Marten King  Friday, 7 July 2006 o godz. 1:47 am #  Add karma Subtract karma  +0

ssh -X doesn’t break things, it just FINDS BROKEN THINGS, such as the myriad of Linux X11 software that ignores the X11 Security extension controls.

When you use ssh -Y, you are essentially giving the remote computer unfettered access to your local display. Which, in the context of an article that recommends allowing remote machines to login to the user’s local station with passwordless keys, isn’t that big of a deal.

(Comments wont nest below this level)
 
fold this thread anomie  Friday, 7 July 2006 o godz. 5:20 am #  Add karma Subtract karma  +0

I know this makes it more secure, and brute forcing my key will take *a long time*, and within then I hopefully have noticed that I’ve been hacked and remove the public keys from where they are.

To claim passphrase-less public key authentication is _more_ secure than the same with a passphrase is a bit silly. But the point shouldn’t be lost on you: once the cracker has physical access to that key, brute forcing the passphrase could be trivial enough.

To a different point; When using sftp I believe only the authentication is secure, and afterwards all the files are transferred unencrypted.

Not true. You may be thinking of FTPS (FTP over SSL/TLS), which allows you to encrypt authentication but not file transfers if you choose. SFTP (SSH File Transfer Protocol) has nothing to do with FTP – it just behaves a bit like it. It’s really a subsystem of the OpenSSH software. File transfers under SFTP occur over an encrypted connection.

One of the only substantial advantages in using SFTP instead of SCP is that with SFTP you can list/traverse directories and delete remote files.

(Comments wont nest below this level)
 
fold this thread I Only Wish » Blog Archive » SSH tricks  Friday, 7 July 2006 o godz. 1:12 pm #  Add karma Subtract karma  +0

[...] read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread Tony Perrie  Friday, 7 July 2006 o godz. 4:45 pm #  Add karma Subtract karma  +0

I always remember this trick to copy my public key…

localhost % cat ~/.ssh/id_rsa.pub | ssh remotehost " cat - >> ~/.ssh/authorized_keys; chmod go-wrx ~/.ssh/authorized_keys"

The other thing to remember is that if you create an authorized_keys file, it must not be readable or writable by group or other (go-wrx). Ssh will not recognize a key from a world readable authorized_keys file by default. Also, the .ssh directory must only be readable by the user, but this is usually true by default on all Unix systems EXCEPT cygwin.

(Comments wont nest below this level)
 
fold this thread cassandrakuno  Friday, 7 July 2006 o godz. 5:32 pm #  Add karma Subtract karma  +0

this site is awesome lots of info… kudos to the owner..

(Comments wont nest below this level)
 
fold this thread lemasney.com » Blog Archive » links for 2006-07-06  Saturday, 8 July 2006 o godz. 4:44 am #  Add karma Subtract karma  +0

[...] jakilinux.org – english version » SSH tricks SSH (secure shell) is a program enabling secure access to remote filesystems. Not everyone is aware of other powerful SSH capabilities, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using S (tags: opensource tools reference) [...]

(Comments wont nest below this level)
 
fold this thread fred  Saturday, 8 July 2006 o godz. 3:31 pm #  Add karma Subtract karma  +0

another nice way to get an X session remotely is
to use NXclient and FreeNX.
uses SSH to do the work.

(Comments wont nest below this level)
 
fold this thread robd  Sunday, 9 July 2006 o godz. 10:43 am #  Add karma Subtract karma  +0

Hey michuk – great article – keep up the good work.

I must say that I think the people who knock the password-less login are a bit anal about security. I agree with michuk that’s it’s fine to have no passphrase – security is a balancing act between security and convenience, and that’s what we use on our office ssh server. You can login, but ONLY with a private key. We just get annoyed at the constant stream of brute force ssh login attempts from compromised hosts. If I was working for a government security agency I would want more security, but for us it’s just fine.

(Comments wont nest below this level)
 
fold this thread EveryDigg » Blog Archive » SSH tricks  Monday, 10 July 2006 o godz. 2:25 am #  Add karma Subtract karma  +0

[...] The article describes in a human language some of the powerful, yet very useful (even for total newbies) capabilities of OpenSSH, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH.read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread digitald  Tuesday, 11 July 2006 o godz. 6:52 am #  Add karma Subtract karma  +0

Port forwarding is great, I use it all the time…for TCP. Anyone ever come up with a step by step method for forcing UDP traffic over SSH???

I unsuccessfully followed this tutorial (though due to my own error I am sure):

http://zarb.org/~gc/html/udp-in-ssh-tunneling.html

Thanks!

(Comments wont nest below this level)
 
fold this thread SSH Tricks at baka-rangers  Tuesday, 11 July 2006 o godz. 9:27 am #  Add karma Subtract karma  +0

[...] I found a nice page with some SSH Tips and Tricks Check it out. [...]

(Comments wont nest below this level)
 
fold this thread brenden.com  Wednesday, 12 July 2006 o godz. 6:59 am #  Add karma Subtract karma  +0

I’m surprised no one’s mentioned this yet — using iptables, rate limit incoming connections to your port 22 to 3 attempts every 5 minutes:

# RATE LIMIT CONNECTION ATTEMPTS to 3 per 5 minutes per ip
iptables -A INPUT -p tcp –dport 22 -i eth1 -m state –state NEW -m recent –set
iptables -A INPUT -p tcp –dport 22 -i eth1 -m state –state NEW -m recent –update –seconds 300 –hitcount 3 -j DROP

(Comments wont nest below this level)
 
fold this thread elsamu.net » Archivo » Sesin grfica via SSH  Thursday, 13 July 2006 o godz. 4:35 am #  Add karma Subtract karma  +0

[...] Enlaces de inters: SSH Tricks [...]

(Comments wont nest below this level)
 
fold this thread tek1024  Wednesday, 19 July 2006 o godz. 9:31 am #  Add karma Subtract karma  +1

In all my time using SSH, I’ve only ever used SSH and SFTP to transfer files; I never knew about SCP! Thanks for this handy listing of tricks, this is quite excellent :)

(Comments wont nest below this level)
 
fold this thread ThinkBlog » Blog Archive » July 2006 Geek Stuff 1  Wednesday, 19 July 2006 o godz. 10:26 am #  Add karma Subtract karma  +0

[...] SSH Tricks. Including how to wield SCP (secure file copy), how to use SSH without passwords by using the builtin keygen for specific MAC addresses (while noting that it is something of a security hole), remote execution, X11 forwarding (running graphical Linux applications remotely), and mounting a remote folder with SSHFS as an alternative to tunneling SAMBA mounts. [...]

(Comments wont nest below this level)
 
fold this thread mr.shintla  Thursday, 20 July 2006 o godz. 3:55 pm #  Add karma Subtract karma  +0

missing another superbe trick:
remote script execution based on a ssh-key

on source-machine-A:
ssh-keygen -t rsa -f ~/.ssh/id_rsa_ssh_b
echo ‘some parameter’ | ssh -o’identityfile ~/.ssh/id_rsa_ssh_b’ target-machine-B

on target-machine-B add this line to the spezific key in .ssh/authorized_keys2:
command=”/root/bin/targetscript.pl” ssh-rsa PUBKEY_FROM_source-machine-A

you can even more paramterize the started script on the target-machine-B adding in front of “command”:
no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding

(Comments wont nest below this level)
 
fold this thread Wilco Niessen dot com » Blog Archive » SSH tricks  Saturday, 22 July 2006 o godz. 11:45 am #  Add karma Subtract karma  +0

[...] The article describes in a human language some of the powerful, yet very useful (even for total newbies) capabilities of OpenSSH, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH.read more | digg story Posted by Wilco Filed in Undefined [...]

(Comments wont nest below this level)
 
fold this thread heath’s Daemon Castle » Blog Archive » links for 2006-08-03  Thursday, 3 August 2006 o godz. 5:26 pm #  Add karma Subtract karma  +0

[...] jakilinux.org – english version » SSH tricks (tags: linux ssh) [...]

(Comments wont nest below this level)
 
fold this thread tutankamon  Tuesday, 15 August 2006 o godz. 11:01 am #  Add karma Subtract karma  +0

very good article! keep up the good work.

(Comments wont nest below this level)
 
fold this thread Thiago Taranto  Wednesday, 13 September 2006 o godz. 1:29 pm #  Add karma Subtract karma  +0

nice article!

(Comments wont nest below this level)
 
fold this thread JoeSolDad  Friday, 13 October 2006 o godz. 10:20 pm #  Add karma Subtract karma  +0

I need to migrate my Solaris ftp code to sftp. sftp doesn’t have a logging capibility that is similiar to ftp’s -v option.

How do I show remote server responses with sftp.

Thanks

-v Shows all responses from the remote server, as well as
report on data transfer statistics. This is turned on
by default if ftp is running interactively with its
input coming from the user’s terminal.

(Comments wont nest below this level)
 
fold this thread screp  Tuesday, 31 October 2006 o godz. 10:15 pm #  Add karma Subtract karma  +0

great !!

(Comments wont nest below this level)
 
fold this thread krp  Wednesday, 8 November 2006 o godz. 1:11 pm #  Add karma Subtract karma  +0

good for a newbie to learn about ssh

(Comments wont nest below this level)
 
fold this thread Anil  Tuesday, 26 December 2006 o godz. 3:16 pm #  Add karma Subtract karma  +0

Hi michuk,
The passwordless scp is working fine for me from the command line. But if I put the same into a php script and call it from the browser, I am getting the following error,

“Executing ssh2 failed. Command:’ ssh2 -l login -x -a -o clearallforwardings yes -o passwordprompt %U@%H’s password: -o nodelay yes -o authenticationnotify yes machinename -s sftp’ System error message: ‘No such file or directory’” [1]=> string(56) “scp: warning: child process (ssh2) exited with code 255.”

Here is the php code(scp.html):(running under apache)

&1 &”,$out, $ret);

var_dump($out);
var_dump($ret);

?>

Pl let me know if I am missing something

(Comments wont nest below this level)
 
fold this thread Anil  Tuesday, 26 December 2006 o godz. 3:18 pm #  Add karma Subtract karma  +0

Sorry, here is the script, Which I am trying to call from the browser

&1 &”,$out, $ret);

var_dump($out);
var_dump($ret);

?>

(Comments wont nest below this level)
 
fold this thread swarna  Sunday, 18 February 2007 o godz. 4:11 pm #  Add karma Subtract karma  +0

i have a doubt mounting a remote folder in the server side or client side?

(Comments wont nest below this level)
 
fold this thread SWARNALAKSHMI R.  Sunday, 18 February 2007 o godz. 4:34 pm #  Add karma Subtract karma  +0

thanks got the doubt clarified

(Comments wont nest below this level)
 
fold this thread Garam Chitti  Wednesday, 21 February 2007 o godz. 1:14 am #  Add karma Subtract karma  +0

I’d like to know how I can kill and later start that same process on a remote machine which I can ssh into. I can get the PID of the process of the remote machine and kill it. However, I am unable to start that same process on the remove machine. Are there any other sites with good ssh tricks like this one?

(Comments wont nest below this level)
 
fold this thread Tony P  Saturday, 21 July 2007 o godz. 8:33 pm #  Add karma Subtract karma  +0

In addition to the tools you mentioned for windows I’d like to add one that we find indispensable at work.

PuTTY, or more specifically the full PuTTY suit which include PSCP which allows you to transfer files from a command prompt on windows to a nix server.

And thanks for the blurb about SSHFS, I’ll have to check that out. We already use the keys for server-server and client-server logins and we do use passphrases.

(Comments wont nest below this level)
fold this thread michuk  Saturday, 21 July 2007 o godz. 10:21 pm #  Add karma Subtract karma  +0

I personally prefer cygwin’s port of SSH when on Windows. But putty is not bad either.

 
 
fold this thread Gordon McCreight  Sunday, 22 July 2007 o godz. 2:59 am #  Add karma Subtract karma  +0

Tony P and michuk,
I use PuTTYcyg, which is a PuTTY patch for Cygwin. It’s very nice because you get the full utility of Cygwin, with the excellent PuTTY term.

(Comments wont nest below this level)
 
fold this thread George  Sunday, 22 July 2007 o godz. 5:43 am #  Add karma Subtract karma  +0

Just a note of caution. In the section on sshfs the article says to use “usermod -G fuse user1″. From reading the man file on usermod it should be “usermod -G -a fuse user1″.

What led me to the man file is that I did it as stated in the article and removed myself from all other groups. I was using my admin account on Ubuntu–I have not created a root password. This prevented me from being able to use sudo. Luckily I already knew how to edit grub and log in single mode, so I was able to add myself back to the groups needed. I am sort of a newbie, I am sure there are newbies newer then me out there though. They may not know how to log into single user mode and be completely whacked after doing this.

(Comments wont nest below this level)
fold this thread michuk  Sunday, 22 July 2007 o godz. 11:39 am #  Add karma Subtract karma  +0

Thanks George, fixed.

 
 
fold this thread alex  Sunday, 22 July 2007 o godz. 11:46 am #  Add karma Subtract karma  +0

Just a minor note which saves you 2 key strokes:

scp user1@remote_server:~/file.txt .
is equal to
scp user1@remote_server:file.txt .
(if you give a relative path (or no path) then the home directory of the user is assumed)

(Comments wont nest below this level)
 
fold this thread alex  Sunday, 22 July 2007 o godz. 11:49 am #  Add karma Subtract karma  +0

I forgot one thing: don’t forget a trailing colon for hostnames (if you want to copy something to the remote home dir), because scp would then do a local file copy.

scp file.txt remote_server (local file copy)
vs.
scp file.txt remote_server: (copies the file to the remote home dir)

(Comments wont nest below this level)
 
fold this thread lxs  Sunday, 22 July 2007 o godz. 4:55 pm #  Add karma Subtract karma  --1

Good god… When did writing an article with a few basics available in the man pages as well as a thousand other web pages become ‘tricks’?

(Comments wont nest below this level)
fold this thread michuk  Sunday, 22 July 2007 o godz. 7:49 pm #  Add karma Subtract karma  +0

@lxs: Somehow this is one of the most popular guides on PolishLinux website. So I guess people need this kind of information. Manuals are n good but onlt if you know what you want and don’t know how to achieve it. When someone doesn’t even realize what SSH can do for him, it’s the kind of article that is helpful.
Also remember that we target newcomers, beginner users, not hardcore UNIX masters.

 
 
fold this thread SLN  Monday, 23 July 2007 o godz. 12:31 pm #  Add karma Subtract karma  +0

Or just see SecPanel for GUI-supported achievement of most of the mentioned tasks: http://secpanel.mymediahost.de

(Comments wont nest below this level)
 
fold this thread holotone.net  Wednesday, 25 July 2007 o godz. 2:36 am #  Add karma Subtract karma  +0

[...] polishlinux.org » SSH tricks [...]

(Comments wont nest below this level)
 
fold this thread mysurface  Friday, 3 August 2007 o godz. 2:37 am #  Add karma Subtract karma  +0

I would like to share more tricks over here, http://linux.byexamples.com/archives/category/admin/ssh/

Including ssh dynamic tunneling, reverse tunneling, duplicate ssh session etc.

(Comments wont nest below this level)
 
fold this thread Мой путь к Успеху » Интересное за выходные  Monday, 1 October 2007 o godz. 4:18 pm #  Add karma Subtract karma  +1

[...] Хитрости SSH (перевод статьи “SSH Tricks”) Ниже представлен мой перевод замечательной статьи SSH Tricks [...]

(Comments wont nest below this level)
 
fold this thread Grant Mclean  Thursday, 4 October 2007 o godz. 12:20 am #  Add karma Subtract karma  +0

Shameless plug … Linux users who want a GUI to manage SSH sessions should take a look at SSHMenu. It works with your SSHAgent so you can have a passphrase on your key and it will prompt you to unlock it the first time. SSHMenu also allows you to set colours and fonts for terminal windows so you can visually distinguish production servers for example.

(Comments wont nest below this level)
 
fold this thread Unix Mouth » Blog Archive » SSH tricks  Tuesday, 30 October 2007 o godz. 1:44 pm #  Add karma Subtract karma  +0

[...] read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread Nick  Wednesday, 14 November 2007 o godz. 12:18 am #  Add karma Subtract karma  +0

nice articla.It will be very usefull to me..

(Comments wont nest below this level)
 
fold this thread jj  Thursday, 1 May 2008 o godz. 1:48 am #  Add karma Subtract karma  +0

It’s nice to see someone writing a summary article. Linux authors tend to furnish a lot of detail about subsets of information and do not provide a big picture.

This article has helped me and now I have a framework to understand other articles and learn more about SSH.

Thanks from Boston

(Comments wont nest below this level)
 
fold this thread john  Monday, 23 June 2008 o godz. 3:17 pm #  Add karma Subtract karma  +0

web based ssh client -

http://www.browsershell.com

(Comments wont nest below this level)
fold this thread michuk  Monday, 23 June 2008 o godz. 4:33 pm #  Add karma Subtract karma  +1

And who on Earth would give their passwords to an unknown web based client?

fold this thread rq12  Sunday, 29 June 2008 o godz. 1:20 pm #  Add karma Subtract karma  +0

just depends on the quality of emergency i guess. when behind a firewall/proxy you detect that your server is down it might be the best way to get it up again quickly. if you trust your providers.

a free (ad- and captcha) based alternative to browsershell.com can be found on http://www.serfish.com by the way :)

 
 
 
fold this thread My blog ! » Blog Archive » SSH Tricks !  Saturday, 2 August 2008 o godz. 12:39 am #  Add karma Subtract karma  +0
(Comments wont nest below this level)
 
fold this thread SSH tricks « Shower Curtains  Monday, 25 August 2008 o godz. 3:02 am #  Add karma Subtract karma  +1

[...] read more | digg story Posted by brendis26 Filed in Uncategorized [...]

(Comments wont nest below this level)
 
fold this thread SSH tricks  Sunday, 31 August 2008 o godz. 5:56 pm #  Add karma Subtract karma  +0

[...] read more | digg story [...]

(Comments wont nest below this level)
 
fold this thread Nic  Wednesday, 5 November 2008 o godz. 9:46 am #  Add karma Subtract karma  +0

Thanks for these tips

(Comments wont nest below this level)
 
fold this thread FTP server | keyongtech  Sunday, 18 January 2009 o godz. 5:19 pm #  Add karma Subtract karma  +0

[...] a userid on the receiving box. scp myfile.txt receiving_user@remotemachine:/my/directory/path http://polishlinux.org/apps/ssh-tricks — Ken Foskey FOSS [...]

(Comments wont nest below this level)
 
fold this thread Phil  Thursday, 22 October 2009 o godz. 11:26 am #  Add karma Subtract karma  +0

My favorite tip: The webbased ssh-clients, for example http://electrica-ms.mures.rdsnet.ro/ . Very handy when using a computer without sshclient or a computer on a network where the firewall only allows httptraffic

(Comments wont nest below this level)
 
fold this thread vesti srbija  Tuesday, 9 March 2010 o godz. 11:27 am #  Add karma Subtract karma  +0

Where I can find more article like this. I’m interested for this theme.

(Comments wont nest below this level)
 
fold this thread Ubuntu setup – page 1 « Em44y’s Blog  Thursday, 11 March 2010 o godz. 6:16 pm #  Add karma Subtract karma  +0

[...] security (and passwordless logins are far more secure than using passwords), then here is a nice ssh tricks [...]

(Comments wont nest below this level)
 
fold this thread izrada web sajta  Tuesday, 23 March 2010 o godz. 2:51 pm #  Add karma Subtract karma  +0

I personally prefer cygwin’s port of SSH when on Windows…

(Comments wont nest below this level)
 
fold this thread amza  Saturday, 16 October 2010 o godz. 12:13 pm #  Add karma Subtract karma  +0

thanks for this tuts .. very nice and well organized .

(Comments wont nest below this level)
 
fold this thread Keratin Hair Treatment %0A  Thursday, 18 November 2010 o godz. 1:19 pm #  Add karma Subtract karma  +0

those plastic shower curtains are very cheap and you can install it easily without sweat ~’,

(Comments wont nest below this level)
 
fold this thread Verizon Phone Deals  Friday, 4 February 2011 o godz. 5:46 am #  Add karma Subtract karma  +0

Verizon Phone Deals…

polishlinux.org ” SSH tricks Verizon Phone Deals Thursday…

(Comments wont nest below this level)
 
fold this thread self hypnosis techniques  Thursday, 14 April 2011 o godz. 6:42 pm #  Add karma Subtract karma  +0

[...]
polishlinux.org » SSH tricks [...]

(Comments wont nest below this level)
 
fold this thread Trabalhando com SSH no Arch Linux - Underground Linux  Friday, 27 January 2012 o godz. 1:08 pm #  Add karma Subtract karma  +0

[...] ssh e se divirtam!! Fontes: http://pangea.stanford.edu/computing/unix/netcommands/scpsftp.php e http://polishlinux.org/apps/ssh-tricks/ 27/01/2012 • Arch Linux, Linux • Arch Linux, openssh, rssh, ssh • Deixe um [...]

(Comments wont nest below this level)
 
fold this thread Truque Ssh: Sem Senha | Planeta Globo.com  Friday, 27 January 2012 o godz. 2:00 pm #  Add karma Subtract karma  +0
(Comments wont nest below this level)
 
fold this thread Nestor  Monday, 31 December 2012 o godz. 8:31 am #  Add karma Subtract karma  +0

It’s perfect time to make some plans for the long run and it is time to be happy. I’ve learn this
put up and if I may I desire to counsel you some fascinating
things or suggestions. Perhaps you can write next articles relating
to this article. I wish to learn more issues about
it!
click the following post
and click the next internet site
and click for source
and also click for source

(Comments wont nest below this level)
 
fold this thread Http://Www.Mijuchurch.Org/Xe/?Mid=Board6&Document_Srl=4951&ListStyle=&Cpage=  Sunday, 13 January 2013 o godz. 3:17 pm #  Add karma Subtract karma  +0

You can combine in &frac12 of a cup of salt and &frac12 of a cup of baking soda and pour them in
the drain. Despite the fact that you however simply cannot make as huge sandwiches
as if you experienced a panini sandwich
maker, it is still a very low cost selection that you can bear in intellect mainly because
it does the task. The far more one particular appears to be like at so-named commodities (any person acquire bottled water recently.

(Comments wont nest below this level)
 
fold this thread Janice  Thursday, 17 January 2013 o godz. 7:20 am #  Add karma Subtract karma  +0

Usually I do not read post on blogs, however
I would like to say that this write-up very forced me to take a look at and do so!
Your writing style has been amazed me. Thanks,
quite nice article.

(Comments wont nest below this level)
 
fold this thread countrywide conveyancing  Saturday, 19 January 2013 o godz. 6:19 pm #  Add karma Subtract karma  +0

Im not that much of a online reader to be honest but your blogs really nice, keep it up!
I’ll go ahead and bookmark your website to come back in the future. All the best

(Comments wont nest below this level)
 
fold this thread Baladodiffusion  Thursday, 14 February 2013 o godz. 1:31 am #  Add karma Subtract karma  +0

Thanks for your marvelous posting! I truly enjoyed
reading it, you can be a great author.I will be sure to bookmark your blog
and definitely will come back from now on. I want to
encourage you continue your great writing, have a nice evening!

(Comments wont nest below this level)
 
fold this thread binaryexpert.com  Sunday, 17 February 2013 o godz. 3:06 am #  Add karma Subtract karma  +0

Hi there, just wanted to say, I enjoyed this
post. It was practical. Keep on posting!

(Comments wont nest below this level)
 
fold this thread Check This Out  Friday, 19 April 2013 o godz. 7:04 am #  Add karma Subtract karma  +0

I have to thank you for the efforts you’ve put in writing this site. I really hope to view the same high-grade blog posts from you in the future as well. In truth, your creative writing abilities has inspired me to get my own, personal website now ;)

(Comments wont nest below this level)
 
fold this thread http://www.amsterdam-shop.cz  Sunday, 21 April 2013 o godz. 10:25 pm #  Add karma Subtract karma  +0

This is my first time pay a quick visit at here and i am in fact happy
to read all at single place.

(Comments wont nest below this level)
 
fold this thread Download Premium From Multiple File hosts One Low price 250 MD Free Pemium  Friday, 26 April 2013 o godz. 6:17 am #  Add karma Subtract karma  +0

Import your WAV file into i – Tunes by clicking on “File >Add File to Library. There are ways to make the file play within the Macintosh and Linux operating systems, but for the most part the file is more common within Windows. Then connect your Android device to your PC, and transfer the APK files to your SD card.

(Comments wont nest below this level)
 
fold this thread miami club online  Tuesday, 30 April 2013 o godz. 4:03 pm #  Add karma Subtract karma  +0

The actual slot machine game game titles vary from non-skill dependent slots mainly because you will find a couple spins along with the person
selects to help keep as well as toss the effects from your very first rewrite.
There were many instructions which may have proven
the best way to spot bets along with earn while using the chances typically in your favor.
For the majority of effective miami club online just isn’t more than 100 years. Sites that could offer you relevant data that will help you make a rational in addition to lucid determination where World wide web Casino to choose are usually those who you wish to try to find.

(Comments wont nest below this level)
 
fold this thread goodbye cellulite stretch marks  Friday, 3 May 2013 o godz. 7:09 am #  Add karma Subtract karma  +0

machine cellulite philips

(Comments wont nest below this level)
 
fold this thread Best Hotels In India  Wednesday, 8 May 2013 o godz. 10:12 pm #  Add karma Subtract karma  +0

The last popular diving site is at Lakshadweep, composed of 36 coral islands filled with diverse
marine life including sharks, tuna, and sting
rays in the blue green waters of the Indian ocean.
The tours are either region based or theme based giving the guests a unique holiday experience.
It is the pleasure for all tourists to cherish the beauty of sea shores, hill
stations, wildlife, ancient temples, old forts etc.

(Comments wont nest below this level)
 
fold this thread ageless male  Friday, 10 May 2013 o godz. 8:45 pm #  Add karma Subtract karma  +0

I take pleasure in, result in I discovered exactly what I used to be having a look for.
You have ended my four day long hunt! God Bless you man.
Have a nice day. Bye

(Comments wont nest below this level)
 
fold this thread Myrna  Saturday, 11 May 2013 o godz. 7:13 pm #  Add karma Subtract karma  +0

Have you ever thought about creating an ebook or guest authoring on other blogs?
I have a blog centered on the same subjects you discuss and would love to have you
share some stories/information. I know my viewers would value your work.
If you’re even remotely interested, feel free to shoot me an e-mail.

(Comments wont nest below this level)
 
fold this thread burning fat fast  Sunday, 12 May 2013 o godz. 10:29 am #  Add karma Subtract karma  +0

Wonderful website you have here but I was curious
about if you knew of any forums that cover the same topics discussed in this article?
I’d really like to be a part of group where I can get feedback from other knowledgeable individuals that share the same interest. If you have any suggestions, please let me know. Thanks!

(Comments wont nest below this level)
 
fold this thread Casino Online  Monday, 27 May 2013 o godz. 2:23 am #  Add karma Subtract karma  +0

On the subject of stand video games, Casino Online functions your popular Blackjack as well as
Baccarat. To a lot of people, bingo callers are only a necessary part of the bingo activity.

(Comments wont nest below this level)
 
fold this thread celebs without makeup  Tuesday, 4 June 2013 o godz. 1:18 pm #  Add karma Subtract karma  +0

For most up-to-date information you have to pay a quick visit internet
and on web I found this website as a best site for most recent
updates.

(Comments wont nest below this level)
 
fold this thread relojes festina  Friday, 14 June 2013 o godz. 8:56 pm #  Add karma Subtract karma  +0

always i used to read smaller articles or reviews which also clear their motive, and that is also happening with this paragraph which I am reading now.

(Comments wont nest below this level)
 
fold this thread buy cialis uk no prescription  Thursday, 20 June 2013 o godz. 1:47 pm #  Add karma Subtract karma  +0

Performance anxiety is the commonest cause of erectile
dysfunction that there is. If you suffer from erection problems and take
the 50mg dose of sildenafil 30-60 minutes before sex, you are likely to get
the kind of erectile hardness you are looking for. This helps improve the blood flow to the spongy penile tissues known as the corpus
cavernosum.

(Comments wont nest below this level)
 
fold this thread zquiet  Thursday, 20 June 2013 o godz. 5:37 pm #  Add karma Subtract karma  +0

Howdy just wanted to give you a quick heads up. The words in your article seem to be
running off the screen in Chrome. I’m not sure if this is a format issue or something to do with web browser compatibility but I thought I’d
post to let you know. The layout look great though! Hope you get
the issue fixed soon. Cheers

(Comments wont nest below this level)
 
fold this thread cartoon network old shows videos  Sunday, 23 June 2013 o godz. 3:43 am #  Add karma Subtract karma  +0

I’m really enjoying the design and layout of your website. It’s a very easy on the eyes which makes
it much more enjoyable for me to come here and visit more often.
Did you hire out a designer to create your theme?
Superb work!

(Comments wont nest below this level)
 
fold this thread Leah Morres  Thursday, 27 June 2013 o godz. 8:47 pm #  Add karma Subtract karma  +0

It’s truly a nice and helpful piece of info.. I am glad that you shared this helpful info with us… Please stay us up to date like this.. Thanks for sharing. Raleigh Roofing, 3221 Durham Dr., #101-C, Raleigh, NC, 27603, US, 919-701-6300

(Comments wont nest below this level)
 
fold this thread Responsible Trading  Monday, 8 July 2013 o godz. 2:36 am #  Add karma Subtract karma  +0

We deliver a number of different versions within this trading solution, while using “higher or perhaps lower”, as well
as A digital solution currently being merely the standard.
For instance, if your Responsible Trading during the night, take into account that certain areas just like the S& S 500 or the NASDAQ
will not be detailed, for that reason, you’ve got to make sure that the trade was in an industry which is presently installed and operating. Completely different through conventional possibilities, these kind of possess diverse costs, numbers of risk, affiliate payouts, and a purchase method and liquidity framework. Responsible Trading are usually one of many easiest means there for increase your revenue today. In the following paragraphs, we may examine just what Responsible Trading usually are, how much an individual remain to be able to gain or lose, along with the good as well as negative tasks of Responsible Trading buying and selling when compared with classic expenditure autos.

(Comments wont nest below this level)
 
fold this thread hot sex pictures  Thursday, 18 July 2013 o godz. 7:33 am #  Add karma Subtract karma  +0

Hi there very nice site!! Man .. Excellent .. Superb .. I’ll bookmark your web site and take the feeds also? I am happy to seek out so many useful information right here within the submit, we’d like develop extra strategies in this regard, thanks for sharing.
. . . . .

(Comments wont nest below this level)
 
fold this thread best eye cream for crows feet 2012  Monday, 22 July 2013 o godz. 10:59 pm #  Add karma Subtract karma  +0

Other than this, day creams are the best on the market today.

So, the best under eye cream for any skin type. Our pores and skin
underneath the eyes. Females can be the best
cream for puffy eyes. Reading eye cream reviews is solid
method for finding the best one is reading testimonials.

It also helps in improving hydration and circulation around the eyes is
available.

(Comments wont nest below this level)
 
fold this thread Testerone  Friday, 26 July 2013 o godz. 12:46 am #  Add karma Subtract karma  +0

Generally I don’t read article on blogs, however I would like to say that this write-up very pressured me to try and do so! Your writing style has been surprised me. Thank you, quite great article.

(Comments wont nest below this level)
 
fold this thread http://journals.fotki.com/elviabcy/elviabcy/entry/gqrdrwqbtrbw  Saturday, 27 July 2013 o godz. 9:10 am #  Add karma Subtract karma  +0

Hello i am kavin, its my first time to commenting anyplace, when i read
this paragraph i thought i could also make comment due to this
good post.

(Comments wont nest below this level)
 

I have a keen analytical eyesight pertaining to detail and may foresee difficulties just before these people occur.

(Comments wont nest below this level)
 

Excellent excited analytical attention meant
for detail and may anticipate problems just before they happen.

(Comments wont nest below this level)
 

Hello! I just would like to give an enormous thumbs up for the nice information you could have here on this post.
I can be coming back to your blog for more soon.

(Comments wont nest below this level)
 

Hey! I just want to give a huge thumbs up for the great data you could have here on this post.
I shall be coming back to your blog for extra soon.

(Comments wont nest below this level)
 
fold this thread 36 bank line  Wednesday, 31 July 2013 o godz. 4:32 am #  Add karma Subtract karma  +0

Excellent happy analytical vision intended for details and
can anticipate complications just before they will happen.

(Comments wont nest below this level)
 

Good day! I simply would like to give an enormous thumbs up
for the good info youve here on this post.
I will be coming back to your blog for extra soon.

(Comments wont nest below this level)
 

Excellent happy analytical eye to get details and can anticipate issues before these people take place.

(Comments wont nest below this level)
 

I love to share knowledge that I’ve built up through the 12 months to assist improve team efficiency.

(Comments wont nest below this level)
 
fold this thread Anonymous  Wednesday, 31 July 2013 o godz. 6:28 am #  Add karma Subtract karma  +0

I have a keen synthetic eyesight meant for detail and can anticipate complications just before they will happen.

(Comments wont nest below this level)
 

I love to disseminate understanding that will I have accumulated through the year
to assist improve group overall performance.

(Comments wont nest below this level)
 
fold this thread Anonymous  Friday, 2 August 2013 o godz. 4:01 pm #  Add karma Subtract karma  +0

Hello! I just want to give a huge thumbs up for the
nice info youve got here on this post. I might be coming again to your blog for more soon.

(Comments wont nest below this level)
 

I like to disseminate knowledge that I have accrued through the year to help enhance team overall performance.

(Comments wont nest below this level)
 
fold this thread 外燴  Wednesday, 7 August 2013 o godz. 9:14 am #  Add karma Subtract karma  +0

Howdy! I just wish to give a huge thumbs up for the good data you may have here on this
post. I can be coming again to your blog for extra soon.

(Comments wont nest below this level)
 
fold this thread web browsers  Friday, 9 August 2013 o godz. 10:29 am #  Add karma Subtract karma  +0

Opera was originally developed in 1994 by the Norwegian company Telenor.

Who are the people who break into, modify or steal data.
Cores of sea sediment, glacial ice, cave formations (stalactites
and stalagmites) and tree ring growth rate are some of the more common
proxies used.

(Comments wont nest below this level)
 
fold this thread gigapeta free account  Sunday, 25 August 2013 o godz. 7:02 pm #  Add karma Subtract karma  +0

Pretty section of content. I just stumbled upon your web site and in accession capital to assert that
I get in fact enjoyed account your blog posts.

Anyway I will be subscribing to your augment and even I achievement you
access consistently quickly.

(Comments wont nest below this level)
 
fold this thread Ultimate Therapy Guide  Thursday, 17 October 2013 o godz. 8:31 pm #  Add karma Subtract karma  +0

And rest after meals to allow proper digestion to take place.
Being trained in the systems theory means that she helps her patients look at their current and past family relationships.

I was lying on Jules’ recliner covered with a sheet because I am always cold due
to my days in the womb and the fact that my body temperature runs a degree and a half or two below normal and I don’t
generate enough heat in my body.

(Comments wont nest below this level)
 
fold this thread Myrtis  Thursday, 24 October 2013 o godz. 6:54 am #  Add karma Subtract karma  +0

Hi there Dear, are you genuinely visiting this web site regularly, if so afterward you
will without doubt get pleasant experience.

(Comments wont nest below this level)
 
fold this thread maplestory hacks and bots  Saturday, 2 November 2013 o godz. 12:58 pm #  Add karma Subtract karma  +0

It’s hard to come by educated people about this topic, however,
you seem like you know what you’re tzlking about!
Thanks

(Comments wont nest below this level)
 
fold this thread http://Www.Youtube.com/  Monday, 4 November 2013 o godz. 1:42 am #  Add karma Subtract karma  +0

It’s amazing to visit this web page and reading the views of all mates concerning this paragraph,
while I am also eager of getting experience.

(Comments wont nest below this level)
 
fold this thread top web design firms dc  Monday, 4 November 2013 o godz. 10:55 pm #  Add karma Subtract karma  +0

Howdy! Do yoou knmow if they make any plugins to assist with SEO?
I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very good gains.
If you know of any please share. Thanks!

(Comments wont nest below this level)
 
fold this thread essay writing  Tuesday, 5 November 2013 o godz. 10:00 pm #  Add karma Subtract karma  +0

After looking over a few of the articpes on yoour
web page, I truly appreciate your technique of writing a blog.
I book marked it to my bookmark site list and will bee checking back in tthe
near future. Take a look at my web site too and tell me whwt
you think.

(Comments wont nest below this level)
 
fold this thread www.josephdeungria.com  Tuesday, 12 November 2013 o godz. 5:54 pm #  Add karma Subtract karma  +0

I have been exploring for a little for any high quality articles or blog posts
in this kind of space . Exploring in Yahoo I ultimately
stumbled upon this website. Reading this information So i am satisfied to exhibit that I’ve a very just
right uncanny feeling I discovered just what I needed.
I most certainly will make certain to do not forget this
website and give it a glance on a constant basis.

(Comments wont nest below this level)
 
fold this thread roof repair  Wednesday, 13 November 2013 o godz. 11:20 pm #  Add karma Subtract karma  +0

If you are in construction you realize that there’s a lot of recourses which are total rubbish, fortunately your site is not one of those websites, i really like your articles very much, continue the great work

(Comments wont nest below this level)
 
fold this thread More Info  Friday, 15 November 2013 o godz. 5:11 am #  Add karma Subtract karma  +0

Rather interesting….look forth to coming back.

(Comments wont nest below this level)
 
fold this thread http://www.youtube.com/watch?v=NSGEsrVqkOU  Friday, 15 November 2013 o godz. 1:45 pm #  Add karma Subtract karma  +0

Hello there I am so excited I found your blog, I really found you by mistake, while I was searching on
Bing for something else, Anyways I am here now and would just like to say kudos for a incredible post and a all round
exciting blog (I also love the theme/design), I don’t have
time to browse it all at the minute but I have saved it and also included your RSS feeds, so when I have time I
will be back to read a great deal more, Please do keep up the great
work.

(Comments wont nest below this level)
 
fold this thread internet marketing  Saturday, 23 November 2013 o godz. 5:09 am #  Add karma Subtract karma  +0

Please contact us for more information on this excellent post.

(Comments wont nest below this level)
 
fold this thread belanja online celana dalam wanita  Saturday, 23 November 2013 o godz. 6:12 pm #  Add karma Subtract karma  +0

Your style is so unique compared to other folks I have read stuff from.
Thank you for posting when you’ve got the opportunity, Guess I’ll just book mark
this blog.

(Comments wont nest below this level)
 
fold this thread download imvu credits hack  Sunday, 24 November 2013 o godz. 2:19 pm #  Add karma Subtract karma  +0

Hello! I know this is somewhat off topic but
I was wondering which blog platform are you using for this website?
I’m getting tired of WordPress because I’ve had
problems with hackers and I’m looking at alternatives for another platform.

I would be fantastic if you could point me in the direction of a good platform.

(Comments wont nest below this level)
 
fold this thread how to create a website  Tuesday, 26 November 2013 o godz. 11:45 am #  Add karma Subtract karma  +0

I got this web site from my friend who shared with me about
this website and at the moment this time I am browsing this
web site and reading very informative articles at this time.

(Comments wont nest below this level)
 
fold this thread Likesplanet easy seo network to get free traffic  Thursday, 28 November 2013 o godz. 12:00 am #  Add karma Subtract karma  +0

I’m not sure exactly why but this site is loading
very slow for me. Is anyone else having this problem or
is it a problem on my end? I’ll check back later
on and see if the problem still exists.

(Comments wont nest below this level)
 
fold this thread 7 Pasos Para Olvidar Un Amor pdf  Thursday, 28 November 2013 o godz. 1:39 pm #  Add karma Subtract karma  +0

Hi it’s me, I am also visiting this site on a regular basis, this web page is in fact fastidious and the users are in fact sharing
pleasant thoughts.

(Comments wont nest below this level)
 
fold this thread Elisabeth  Friday, 29 November 2013 o godz. 5:10 am #  Add karma Subtract karma  +0

Thanks for every other excellent post. The place else could anybody get
that kind of info in such an ideal manner of writing?
I have a presentation subsequent week, and I’m at the search for such
info.

(Comments wont nest below this level)
 
fold this thread heidiklum  Friday, 29 November 2013 o godz. 1:18 pm #  Add karma Subtract karma  +0

I all the time used to read post in news papers but now as I am a user of internet thus from now I am using net for
content, thanks to web.

(Comments wont nest below this level)
 
fold this thread cracker Un compte facebook  Saturday, 30 November 2013 o godz. 9:47 am #  Add karma Subtract karma  +0

This is a topic that’s near to my heart… Best wishes!

Where are your contact details though?

(Comments wont nest below this level)
 

Thanks a bunch for sharing this with all of us you really realize
what you’re speaking approximately! Bookmarked. Please additionally seek advice from my
web site =). We could have a link trade agreement
between us

(Comments wont nest below this level)
 
fold this thread vibrating underwear  Saturday, 14 December 2013 o godz. 4:23 am #  Add karma Subtract karma  +0

Hello, its nice paragraph regarding media print, we all be
familiar with media is a wonderful source of data.

(Comments wont nest below this level)
 
fold this thread golden labrador  Tuesday, 17 December 2013 o godz. 12:21 pm #  Add karma Subtract karma  +0

This is my first time pay a visit at here and i am truly impressed to read everthing at one
place.

(Comments wont nest below this level)
 
fold this thread Biedronka aktualna gazetka  Wednesday, 18 December 2013 o godz. 7:37 pm #  Add karma Subtract karma  +0

gazetka biedronka plock

(Comments wont nest below this level)
 
fold this thread spin  Sunday, 22 December 2013 o godz. 7:24 pm #  Add karma Subtract karma  +0

Hmm is anyone else having problems with the images on this
blog loading? I’m trying to determine if its a problem on my end or if it’s
the blog. Any responses would be greatly appreciated.

(Comments wont nest below this level)
 
fold this thread how to get unlimited free imvu credits  Wednesday, 25 December 2013 o godz. 1:37 am #  Add karma Subtract karma  +0

If you are unsure about what it is all about, sign up, it is free.
This opportunity appeals not only to ordinary
or amateur 3D users, but also to professionals, but it must be clear from the first place that business level needs are met by more powerful 3D animation software, which will, obviously
be retailed for a certain price. Now, online social networking has gone
3D with virtual worlds such as IMVU and Second Life.

(Comments wont nest below this level)
 
fold this thread พระเครื่อง  Saturday, 18 January 2014 o godz. 6:11 am #  Add karma Subtract karma  +0

I pay a quick visit each day a few web sites and sites to read articles, however this web site provides feature based articles.

(Comments wont nest below this level)
 
fold this thread Jared  Thursday, 23 January 2014 o godz. 5:02 pm #  Add karma Subtract karma  +0

The more popular the page with the links, the
greater inevitable that a person will edit it, taking out the links and then for any chance of gaining.
Opioids offers short, intermediate and resilient analgesia, based on the
actual properties of the medication (( An opioid can
be a chemical that work well by binding to opioid receptors, that are found principally
inside the central nervous system along with the gastrointestinal tract.
If it does not feel completely secure, use bobby pins to connect it to hair.

(Comments wont nest below this level)
 
fold this thread carpet cleaning St Albans  Friday, 24 January 2014 o godz. 12:55 pm #  Add karma Subtract karma  +0

I really like your blog.. very nice colors & theme. Did you make this website yourself or did you
hire someone to do it for you? Plz reply as I’m looking to construct
my own blg and woould like to find out where u got this
from. appreciate it

(Comments wont nest below this level)
 
fold this thread weddingwows.edublogs.org  Sunday, 2 February 2014 o godz. 10:12 am #  Add karma Subtract karma  +0

It’s actually a cool and helpful piece of info.

I am glad that you shared this useful info with us.
Please keep us up to date like this. Thanks for sharing.

(Comments wont nest below this level)
 
fold this thread buy facebook fans  Thursday, 27 February 2014 o godz. 2:12 am #  Add karma Subtract karma  +0

It’s amazing for me to have a web site, which is useful in favor of my know-how.
thanks admin

(Comments wont nest below this level)
 
fold this thread Get Rid Of Back Acne  Tuesday, 18 March 2014 o godz. 6:33 am #  Add karma Subtract karma  +0

Oh my goodness! an amazing article man. Thanks for sharing it.

(Comments wont nest below this level)
 
fold this thread journalhome.com  Monday, 31 March 2014 o godz. 2:44 pm #  Add karma Subtract karma  +0

It may seem like a lot of work, but it can save you aggravation
down the road. The authorities have the right to inspect the works to ascertain conformity
with the terms of the Permis de Construire. These services can help you get through the hiring process by simplifying
it for you.

(Comments wont nest below this level)
 
fold this thread steroider online  Friday, 4 April 2014 o godz. 1:24 pm #  Add karma Subtract karma  +0

Thanks for every other wonderful post. Where else may anybody get that type of info in such
an ideal means of writing? I’ve a presentation next week, and I am on the search for such info.

(Comments wont nest below this level)
 
fold this thread sash windows  Saturday, 5 April 2014 o godz. 1:20 pm #  Add karma Subtract karma  +0

I seriously love your blog.. Very nice colors & theme. Did you make this
site yourself? Please reply back as I’m hoping to create my
very own blog and would like to find out where you got this from or what the theme is called.
Appreciate it!

(Comments wont nest below this level)
 
fold this thread dobre tabletki odchudzajace  Sunday, 6 April 2014 o godz. 3:50 pm #  Add karma Subtract karma  +0

Hi, I log on to your blog daily. Your humoristic
style is witty, keep doing what you’re doing!

(Comments wont nest below this level)
 
fold this thread michael kors handbags outlet  Thursday, 10 April 2014 o godz. 8:09 am #  Add karma Subtract karma  +0

I’ve been browsing online more than 3 hours today, yet I
never found any interesting article like yours. It is pretty worth enough for
me. In my opinion, if all webmasters and bloggers
made good content as you did, the net will be much more useful than evera before.

michael kors handbags outlet

(Comments wont nest below this level)
 
fold this thread wedding planner las vegas  Wednesday, 16 April 2014 o godz. 11:33 am #  Add karma Subtract karma  +0

Good answers in return of this question with real arguments and describing the whole thing concerning that.

(Comments wont nest below this level)
 
fold this thread Infamous Second Son Download  Wednesday, 16 April 2014 o godz. 4:45 pm #  Add karma Subtract karma  +0

In comparison, any PC can be easily upgraded or
modified, a mini PC can be opened up and a part replaced or upgraded to give
it a performance boost. This ability to be creative and have so much freedom in gameplay makes Farmcraft one
of the better free downloads thus far. Steam can render games you
purchased, and have a legal license to use, unplayable.

(Comments wont nest below this level)
 
fold this thread metrum  Wednesday, 16 April 2014 o godz. 8:54 pm #  Add karma Subtract karma  +0

Pretty section of content. I just stumbled upon your
site and in accession capital to assert that I acquire in
fact enjoyed account your blog posts. Any way I will be subscribing to your augment and
even I achievement you access consistently fast.

(Comments wont nest below this level)
 
fold this thread stephen seal rainmaker solutions  Wednesday, 16 April 2014 o godz. 9:21 pm #  Add karma Subtract karma  +0

What’s Happening i am new to this, I stumbled upon this I’ve found It positively helpful and it has helped me
out loads. I’m hoping to give a contribution & help
other users like its aided me. Great job.

(Comments wont nest below this level)
 
fold this thread acne Treatment Gel  Sunday, 20 April 2014 o godz. 9:41 pm #  Add karma Subtract karma  +0

You’re so cool! I dont suppose Ive read anything like this before.
So nice to find any individual with some original thoughts on this subject.
really thank you for starting this up. this website is one thing that’s wanted on the
web, somebody with a bit of originality. useful job
for bringing something new to the internet!

(Comments wont nest below this level)
 
Name (required)
E-mail (required - never shown publicly)
URI

Adjust field size: shrink | enlarge)


You can use simple HTML in your comments. Some examples are as follows:
  • A hyperlink: <a href="polishlinux.org">GNU/Linux for everyone!</a>,
  • Strong text: <strong>Strong text</strong>,
  • Italic text: <em>italic text</em>,
  • Strike: <strike>strike</strike>,
  • Code: <code>printf("hello world");</code>,
  • Block quote: <blockquote>Block quote</blockquote>

About the Author

Borys Musielak

PolishLinux.org creator and editor in chief. Professionally -- J2EE consultant in London City. Personally -- free software enthusiast and lobbyist.

New AdTaily ads!

Are you a film buff?

film buffs community, movie recommendations and reviews

RSS: Comments

You can follow the comments to this article through a special channel RSS 2.0 .

Related articles: Apps

 more »

Related articles: SSH

 more »

PolishLinux Top Content


Become our fan on Facebook!

PolishLinux.org on Facebook

Follow PolishLinux on Twitter!

Follow polishlinux on Twitter

Google Ads