## ssh – How to set seprate current directory for sftp in macos?

On my macos i am able to login to sftp as `sftp localhost`. When i run `!pwd` it shows me default directory is `/Users/username` but i want to change it `/Users/username/Sites/wordpress`.

I edited `/etc/ssh/sshd_config` file & added below lines at bottom of file

``````Match User username
X11Forwarding no
AllowTcpForwarding yes
PermitTTY yes
``````

But when i again try to login with `sftp localhost` after password prompt it gives me error as below

``````client_loop: send disconnect: Broken pipe
Connection closed
``````

Please tell me how can fix this error ?

## iptables – Connect to VMs via ssh from outside, with host under VPN

I have some QEMU/KVM machines (1,2,3) running ssh on port 22. I forward the ports to 22221, 22222, 22223 and I can connect to them using host _ip:2222X. I followed this tutorial to achieve this.

Now, I am trying to connect to a vpn using OpenVPN in the host, and allow incoming traffic using public ip, following this tutorial. I can ssh to the host using host_ip:22 and, supposedly, I should be able to ssh to the qemu machines using the same host_ip:2222X ports as before. However, that doesnt work, and I can’t connect via ssh to my servers anymore.

From the host, I can connect to the VMs using vpn_ip:2222X, which doesn’t make sense to me.

Is there anything else I have to do to connect to my vms when using VPN in the host?

## Locked out of SSH on Debian server via hosts.deny

I seem to have locked myself out of my Debian server.

Through a series of unfortunate events, I set the contents of my `hosts.deny` file to:

``````ALL: ALL
``````

I can’t tell you what I was thinking. Additionally, the contents of my `hosts.allow` file are currently set to:

``````25565: ALL
``````

I’m pretty sure that isn’t even proper syntax.

So basically, the only access I have to anything right now, is that I have read-only FTP access to pretty much the whole filesystem. I realize that’s horribly insecure and don’t remember why I set it up that way.

Can anything be done?

## linux – How to setup DPDK without loosing SSH connection?

A similar question has been asked before on this site [1] but it doesn’t seems answer anything that’s practical for my problem. Therefore, I decided to ask same question for my environment.

I’m using a Linode Ubuntu Server with a single NIC and attempted to intitlize DPDK yesterday, it did installed Kernel Driver and bined the NIC then cut me off from SSH. I was not able to reconnect since then and I went on and restarted the server, I was able get into server again.

[1] Binding DPDK to a NIC without loosing connection

## linux – Bash script to mirror XWindow to remote SSH host

The source code within this question aims to provide a short-cut for mirroring a local XWindow (or session) to a remote host via SSH port forwarding, eg…

``````x11vnc-push-xwindow --id=none raspberrypi
``````

The `ReadMe` file contains more detailed instructions for setup, but the TLDR is…

``````mkdir -vp ~/git/hub/rpi-curious
cd ~/git/hub/rpi-curious

git clone --recurse-submodules git@github.com:rpi-curious/x11vnc-push-xwindow.git
``````
``````cd x11vnc-push-xwindow
ln -s "\${PWD}/x11vnc-push-xwindow" "\${HOME}/bin/"
``````
``````x11vnc-push-xwindow raspberrypi
## Select a XWindow, or use `--id=none` to mirror entire session
# x11vnc-push-xwindow --id=none raspberrypi
``````
``````q
# Ctrl^c
``````

I wrote this project because it helps my own posture to look up at my remote device’s screen, and currently everything seems to function as intended, but as always there’s room for improvement.

## Questions

• Are there any obvious mistakes?

• Any features that are both missing and necessary?

• Is there a better way to fully terminate the connection when q is pressed? Currently this is a two-step process of pressing q then Ctrlc to quit and then terminate the connection.

## Source Code

Note, source code for this question is maintained on GitHub at `rpi-curious/x11vnc-push-xwindow`, what is included here are the scripts and shared functions required to test/review without need of any Git fanciness.

### `x11vnc-push-xwindow`

``````#!/usr/bin/env bash

## Find true directory script resides in, true name, and true path
__SOURCE__="\${BASH_SOURCE(0)}"
while (( -h "\${__SOURCE__}" )); do
__SOURCE__="\$(find "\${__SOURCE__}" -type l -ls | sed -n 's@^.* -> (.*)@1@p')"
done
__DIR__="\$(cd -P "\$(dirname "\${__SOURCE__}")" && pwd)"
__NAME__="\${__SOURCE__##*/}"
__AUTHOR__='S0AndS0'
__DESCRIPTION__='Pushes/mirrors selected XWindow to remote via SSH port forwarding'

## Source module code within this script
source "\${__DIR__}/shared_functions/modules/argument-parser/argument-parser.sh"
source "\${__DIR__}/shared_functions/modules/trap-failure/failure.sh"

trap 'failure "LINENO" "BASH_LINENO" "\${BASH_COMMAND}" "\${?}"' ERR

local _date_year="\$(date +'%Y')"
cat <<EOF
\${__DESCRIPTION__}
Copyright (C) \${_date_year:-2020} \${__AUTHOR__:-S0AndS0}

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.
EOF
}

usage() {
local _message="\${1}"
cat <<EOF
\${__DESCRIPTION__}

## Augments \${__NAME__%.*} responds to

--help | -h

Prints this message and exits

--x11vnc-listen-port="\${_x11vnc_listen_port}"

Default '5900', port that x11vnc will serve XWindow session on 'localhost' for this device.

Note, if listen port is already in use then session will be reused, otherwise a new session will be initialized.

--vnc-viewer-port="\${_vnc_viewer_port}"

Default '5900', port that remote host will connect to on their relative 'localhost' to view forwarded XWindow session.

Note, if 'xscreensaver' is detected on remote host, then it will be disabled until x11vnc session is terminated

--vnc-viewer-name="\${_vnc_viewer_name}"

Default 'vncviewer', executable name of VNC Viewer.

Note, if troubles are had when using a VNC Viewer other than 'vncviewer', please try 'vncviewer' before opening a new Issue.

--id="\${_id}"

Default 'pick', XWindow ID to forward to remote host.

Note, if set to 'none' then entire XWindow session will be forwarded.

\${_target_host:-<target-host>}

Required, remote SSH host that XWindow session will be forwarded to.

## Example

\${__NAME__} raspberrypi
EOF

(( "\${#_message}" -gt '0' )) && {
printf >&2 'n## Error: %sn' "\${_message}"
}
}

## Defaults
_target_host=''
_x11vnc_listen_port='5900'
_vnc_viewer_port='5900'
_id='pick'
_vnc_viewer_name='vncviewer'

## Save passed arguments and acceptable arguments to Bash arrays
_passed_args=("\${@:?No arguments provided}")
_acceptable_args=(
'--help|-h:bool'
'--x11vnc-listen-port:alpha_numeric'
'--vnc-viewer-port:alpha_numeric'
'--id:alpha_numeric'
'--target-host:path-nil'
)

## Pass arrays by reference/name to the `argument_parser` function
argument_parser '_passed_args' '_acceptable_args'
_exit_status="\$?"

## Print documentation for the script and exit, or allow further execution
((_help)) || ((_exit_status)) && {
usage
exit "\${_exit_status:-0}"
}

(("\${#_target_host}")) || {
usage 'Missing target host parameter'
exit 1
}

## Note, '-shared' with '-forever' and '-threads' or '-once' may be wanted
##  in addition to the following options
_x11vnc_server_opts=(
'-quiet'
'-noshared'
'-viewonly'
'-noremote'
'-nobell'
'-nosel'
'-noprimary'
'-nosetprimary'
'-noclipboard'
'-nosetclipboard'
# '-disablefiletransfer'  ## Un-comment for older versions
'-cursor' 'most'
'-noipv6'
'-allow' '127.0.0.1'
'-autoport' "\${_x11vnc_listen_port}"
'-listen' '127.0.0.1'
'-nopw'
'-nossl'
'-bg'
)

(( "\${_id}" =~ 'none' )) || {
_x11vnc_server_opts+=(
'-id' "\${_id}"
)
}

_vnc_viewer_opts=(
'-viewonly'
'-fullscreen'
"localhost::\${_vnc_viewer_port}"
)

grep -q -- "\${_x11vnc_listen_port}" <<<"\$(netstat -plantu 2>/dev/null)" || {
printf '# Running: x11vnc %sn' "\${_x11vnc_server_opts(*)}"
x11vnc \${_x11vnc_server_opts(@)}
}

initialize_connection() {
ssh -R localhost:\${_vnc_viewer_port}:localhost:\${_x11vnc_listen_port} "\${_target_host}" <<EOF
reinitalize_xscreensaver(){
echo 'Resuming: xscreensaver'
DISPLAY=:0 xscreensaver -no-splash 2>&1 >/dev/null &
sleep 3
DISPLAY=:0 xscreensaver-command -activate
}

initalize_viewer(){
_xscreensaver_time="$$(DISPLAY=:0 xscreensaver-command -time 2>&1)" (( "$${_xscreensaver_time}" =~ 'no screensaver is running' )) || {
trap 'reinitalize_xscreensaver' RETURN SIGINT SIGTERM EXIT
echo 'Halting: xscreensaver'
DISPLAY=:0 xscreensaver-command -deactivate
DISPLAY=:0 xscreensaver-command -exit
}

printf 'Starting: $$(which {_vnc_viewer_name}) %sn' "{_vnc_viewer_opts(*)}" DISPLAY=:0$$(which \${_vnc_viewer_name}) \${_vnc_viewer_opts(@)}
return "\${?}"
}

initalize_viewer
EOF
}

initialize_connection &
_connection_pid="\$!"

printf 'Press %s to quit...n' "q"
while read -n1 -r _input; do
case "\${_input,,}" in
q)
printf 'Killing PID %in' "\${_connection_pid}"
kill "\${_connection_pid}"
sleep 2
printf 'Please use Ctrl^c to exit!'
;;
esac

sleep 1
done
``````

### `shared_functions/modules/argument-parser/argument-parser.sh`

``````#!/usr/bin/env bash

# argument-parser.sh, source it in other Bash scripts for argument parsing
# Copyright (C) 2019  S0AndS0
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation; version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

shopt -s extglob

_TRUE='1'
_DEFAULT_ACCEPTABLE_ARG_LIST=('--help|-h:bool' '--foo|-f:print' '--path:path-nil')

arg_scrubber_alpha_numeric(){ printf '%s' "\${@//(^a-z0-9A-Z)/}"; }

arg_scrubber_regex(){ printf '%s' "\$(sed 's@.@\.@g' <<<"\${@//(^(:print:)\$'t'\$'n')/}")"; }

arg_scrubber_list(){
printf '%s' "\$(sed 's@..*@.@g; s@--*@-@g' <<<"\${@//(^a-z0-9A-Z,+_./@:-)/}")"
}

arg_scrubber_path(){
printf '%s' "\$(sed 's@..*@.@g; s@--*@-@g' <<<"\${@//(^a-z0-9A-Z ~+_./@:-)/}")"
}

arg_scrubber_posix(){
_value="\${@//(^a-z0-9A-Z_.-)/}"
_value="\$(sed 's@^(-_.)@@g; s@(-_.)\$@@g; s@..*@.@g; s@--*@-@g' <<<"\${_value}")"
printf '%s' "\${_value::32}"
}

return_scrubbed_arg(){
_raw_value="\${1}"
_opt_type="\${2:?## Error - no option type provided to return_scrubbed_arg}"
case "\${_opt_type}" in
'bool'*)  _value="\${_TRUE}"      ;;
'raw'*)   _value="\${_raw_value}" ;;
'path'*)  _value="\$(arg_scrubber_path "\${_raw_value}")"  ;;
'posix'*) _value="\$(arg_scrubber_posix "\${_raw_value}")" ;;
'print'*) _value="\${_raw_value//(^(:print:))/}"          ;;
'regex'*) _value="\$(arg_scrubber_regex "\${_raw_value}")" ;;
'list'*)  _value="\$(arg_scrubber_list "\${_raw_value}")"  ;;
'alpha_numeric'*) _value="\$(arg_scrubber_alpha_numeric "\${_raw_value}")" ;;
esac

if (( "\${_opt_type}" =~ ^'bool'* )) || (( "\${_raw_value}" == "\${_value}" )); then
printf '%s' "\${_value}"
else
printf '## Error - return_scrubbed_arg detected differences in valuesn' >&2
return 1
fi
}

argument_parser(){
local -n _arg_user_ref="\${1:?# No reference to an argument list/array provided}"
local -n _arg_accept_ref="\${2:-_DEFAULT_ACCEPTABLE_ARG_LIST}"
_args_user_list=("\${_arg_user_ref(@)}")
unset _assigned_args
for _acceptable_args in \${_arg_accept_ref(@)}; do
## Take a break when user supplied argument list becomes empty
(( "\${#_args_user_list(@)}" == '0' )) && break
## First in listed acceptable arg is used as variable name to save value to
##  example, '--foo-bar fizz' would transmute into '_foo_bar=fizz'
_opt_name="\${_acceptable_args%%(:|)*}"
_var_name="\${_opt_name#*(-)}"
_var_name="\${_var_name#*(-)}"
_var_name="_\${_var_name//-/_}"
## Divine the type of argument allowed for this iteration of acceptable args
case "\${_acceptable_args}" in
*':'*) _opt_type="\${_acceptable_args##*(:)}" ;;
*)     _opt_type="bool"                      ;;
esac
## Set case expressions to match user arguments against and for non-bool type
##  what alternative case expression to match on.
##  example '--foo|-f' will also check for '--foo=*|-f=*'
_arg_opt_list="\${_acceptable_args%%:*}"
_valid_opts_pattern="@(\${_arg_opt_list})"
case "\${_arg_opt_list}" in
*'|'*) _valid_opts_pattern_alt="@(\${_arg_opt_list//|/=*|}=*)" ;;
*)     _valid_opts_pattern_alt="@(\${_arg_opt_list}=*)"        ;;
esac
## Attempt to match up user supplied arguments with those that are valid
for (( i = 0; i < "\${#_args_user_list(@)}"; i++ )); do
_user_opt="\${_args_user_list(\${i})}"
case "\${_user_opt}" in
\${_valid_opts_pattern})     ## Parse for script-name --foo bar or --true
if (( "\${_opt_type}" =~ ^'bool'* )); then
_var_value="\$(return_scrubbed_arg "\${_user_opt}" "\${_opt_type}")"
_exit_status="\${?}"
else
i+=1
_var_value="\$(return_scrubbed_arg "\${_args_user_list(\${i})}" "\${_opt_type}")"
_exit_status="\${?}"
unset _args_user_list(\$(( i - 1 )))
fi
;;
\${_valid_opts_pattern_alt}) ## Parse for script-name --foo=bar
_var_value="\$(return_scrubbed_arg "\${_user_opt#*=}" "\${_opt_type}")"
_exit_status="\${?}"
;;
*)                          ## Parse for script-name direct_value
case "\${_opt_type}" in
*'nil'|*'none')
_var_value="\$(return_scrubbed_arg "\${_user_opt}" "\${_opt_type}")"
_exit_status="\${?}"
;;
esac
;;
esac
if ((_exit_status)); then return \${_exit_status}; fi
## Break on matched options after clearing temp variables and re-assigning
##  list (array) of user supplied arguments.
## Note, re-assigning is to ensure the next looping indexes correctly
##  and is designed to require less work on each iteration
if ( -n "\${_var_value}" ); then
declare -g "\${_var_name}=\${_var_value}"
declare -ag "_assigned_args+=('\${_opt_name}="\${_var_value}"')"
unset _user_opt
unset _var_value
unset _args_user_list(\${i})
unset _exit_status
_args_user_list=("\${_args_user_list(@)}")
break
fi
done
unset _opt_type
unset _opt_name
unset _var_name
done
}
``````

Note, the source code for `argument-parser.sh` is a Git Submodule maintained on GitHub at `bash-utilities/argument-parser`, and can be cloned individually via…

``````mkdir -vp ~/git/hub/bash-utilities
cd ~/git/hub/bash-utilities

git clone git@github.com:bash-utilities/argument-parser.git
``````

### `shared_functions/modules/trap-failure/failure.sh`

``````#!/usr/bin/env bash

# Bash Trap Failure, a submodule for other Bash scripts tracked by Git
# Copyright (C) 2019  S0AndS0
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation; version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

## Outputs Front-Mater formatted failures for functions not returning 0
## Use the following line after sourcing this file to set failure trap
##    trap 'failure "LINENO" "BASH_LINENO" "\${BASH_COMMAND}" "\${?}"' ERR
failure(){
local -n _lineno="\${1:-LINENO}"
local -n _bash_lineno="\${2:-BASH_LINENO}"
local _last_command="\${3:-\${BASH_COMMAND}}"
local _code="\${4:-0}"

## Workaround for read EOF combo tripping traps
((_code)) || {
return "\${_code}"
}

local _last_command_height="\$(wc -l <<<"\${_last_command}")"

local -a _output_array=()
_output_array+=(
'---'
"lines_history: (\${_lineno} \${_bash_lineno(*)})"
"function_trace: (\${FUNCNAME(*)})"
"exit_code: \${_code}"
)

(( "\${#BASH_SOURCE(@)}" -gt '1' )) && {
_output_array+=('source_trace:')
for _item in "\${BASH_SOURCE(@)}"; do
_output_array+=("  - \${_item}")
done
} || {
_output_array+=("source_trace: (\${BASH_SOURCE(*)})")
}

(( "\${_last_command_height}" -gt '1' )) && {
_output_array+=(
'last_command: ->'
"\${_last_command}"
)
} || {
_output_array+=("last_command: \${_last_command}")
}

_output_array+=('---')
printf '%sn' "\${_output_array(@)}" >&2
exit \${_code}
}
``````

Note, the source code for `failure.sh` is a Git Submodule maintained on GitHub at `bash-utilities/trap-failure`, and can be cloned individually via…

``````mkdir -vp ~/git/hub/bash-utilities
cd ~/git/hub/bash-utilities

git clone git@github.com:bash-utilities/trap-failure.git
``````

## Using apache mina for ssh using signed ssh-rsa-cert-01 from Certification Authority

There is an existing client configured and running (SshClient) using apache mina to ssh to one of our internal jump boxes. It currently uses PEM based authentication. Due to compliance we have to switch to using internally signed certificates (internally we are using hashicorp vault as a CA). I’m unable to find any documentation regarding how to use signed certificates for ssh in apache mina to start with. Is it not supported? Will I perhaps have to use any other java ssh library?

## gnome – How to use epiphany web browser over ssh?

When I run `ssh -Y me@desktop xeyes` or `ssh -Y me@desktop surf www.ddg.gg` X11 forwarding works great and I can see the windows and interact with the programs effortlessly. However, when I run `ssh -Y me@desktop epiphany` the browser opens but no tabs will load and I am not able to visit any websites. In the terminal I see the following warnings:

Unable to init server: Could not connect: Connection refused

and

(WebKitWebProcess:2): Gtk-WARNING **: 19:06:59.859: cannot open display: localhost:10.0

What is happening here, and is there a way to can modify my approach to be able to use epiphany over ssh?

## Could a Ubuntu server log my activities (outside the console) through ssh?

For security reason, when i connect to an Ubuntu server through ssh, could the server log my keystrokes (pressed outside the console window) and view active processes or browser active tabs?

X11 forwarding is not enabled by default in Putty

## ssh into android over usb: macOS

I have a Meizu M8 phone running android with Termux. I had set up ssh access to Termux over WiFi, but I want to be able to do that over USB because of possibly lower latency and higher speed. If I connect the phone to my macbook using USB, I can use adb to get shell or transfer files, so I think ssh over USB is possible. How can I achieve this?

## ssh – What is the current (mid-2020) status of hardware rootkit/malware and possible detection/monitoring?

I’ve posted a question (link) related to a potential compromised computer via SSH access with root user. Although no evidence of a break-in, I’m considering extended measures to ensure (as much as possible) that my hardware has not been compromised. The software rootkit/malware would be easier to deal with apart of technical details as I expressed in another question (link). I’m particularly concerned because a SSH root access seems much more serious than a rootkit/malware infection from a compromised application downloaded from the internet.

OTOH, hardware rootkit/malware is a different level of a threat and I was trying to get more information about it. As I could see in other questions (link,link, plus some internet articles), the debate regarding hardware threats was much related to state-actors aiming high-level targets a few years back (prior 2017). However LoJax surfaced in 2018 and possibly others until today.

So, what is the current status (mid-2020) of these infections? Are they popular or still related to particular high-level targets?

My research showed that the only ways to get rid of such threats at hardware level would be either (i) flash the hardware with default firmware (not simple) or (ii) replace the piece of hardware. Besides, I’m not sure this hardware-level intervention would be detected in any manner, even using specialized application like rkhunter or TDSSKiller, since it could be hidden at kernel Ring 0 area outside the userspace. In the end, the user would have an evidence only if the rootkit drops a malware in the userspace, which could be caught by an AV or other scan app.

I see that OSSEC would be a handy tool to monitor the system, but possible setup before an infection. In case one has a potential compromised system, what would be the way to detect and/or to monitor the activity of a potential compromised hardware rootkit/malware (if any)?

In summary, such threats could be hidden in any writable firmware in the hardware (BIOS, SSD, HDD, GPU, etc.), however detailed knowledge of these firmwares are needed in order to deploy such malicious software, making it not so popular (this answer from 2015 states it in a more clear way, although somehow old). If this level of threat is still not popular in the wild, I would consider a very small possibility that such threat would be deployed in my computer, but I don’t have the clear picture yet.