ssh

SSH may refer to: read more at WikiPedia

  • I will show you in an Apache Maven configuration file how to copy files to server each time the package phase is executed.

    Solution with Ant SCP task

    This snippet of code is a ready to use code that make use of Apache Ant task scp, Just put this snippet of code in your Maven module where the assembly is executed or anywhere else to push all tar.gz files to a server just run a maven mvn package, you can add as many ant task and push to many server the same file during the reactor build.

    <plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-antrun-plugin</artifactId>
    <version>1.7</version>
    <executions>
    <execution>
        <id>server-copy</id>
        <goals>
            <goal>run</goal>
        </goals>
        <phase>package</phase>
        <configuration>
            <target>
                <echo message="Push to server/home/"/>
                <scp trust="yes"
                    todir="user:password@server:/home/">
                    <fileset dir="${basedir}/target">
                        <include name="**/*.tar.gz"/>
                    </fileset>
                </scp>
            </target>
        </configuration>
    </execution>
    </executions>
    <dependencies>
    <dependency>
        <groupId>org.apache.ant</groupId>
        <artifactId>ant-jsch</artifactId>
        <version>1.8.2</version>
    </dependency>
    </dependencies>
    </plugin>

    Solution with maven-deploy-plugin

    The maven-deploy-plugin allows you to configure the deploy phase to deploy to a server using scp. There is a page in the documentation that describes how it can be done.

    Deploy maven artifact using Maven Wagon SCP

    Another alternative would be to use Maven Wagon SCP like described in this post for example

  • port.knocking.ssh.linux

    Port Knocking is a technique to secure services behind a firewall until a specific knock sequence is given. Once that sequence is given, the IP address that initiated the knock may be allowed to access the service for a short period of time. A knocking server listens to all traffic on an Ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server.

    This is a bit paranoid, but it add another layer of security, an attacker will have either to try all ports combinations or know the secret combination (knock) to be able to connect to your SSH daemon for example.

    First, you’ll have to be sure to have a port knocking client, or you will be kick out forever of your own server!

  • IBM Alphaworks have release a library for supporting the IETF SSH-2 protocol aka SSH (WikiPedia)

    IBM Secure Shell Library for Java is a lightweight implementation of the IETF SSH-2 protocol. The library currently implements only the basic SSH features such as password log-in and command execution. Advanced features such as tunning and X-forwarding are currently not supported.




  • Disabling root login will force any attempted hackers to use 2 passwords instead of only one. Making it more difficult for a hacker to break into your server.

    You must have another user which is NOT root already on the box

    vi /etc/ssh/sshd_config

    Search for line

    PermitRootLogin yes


    and change it to

    PermitRootLogin no


    restart sshd by typing
    /etc/init.d/sshd restart