今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#ssh

找到 3 篇相关文章

AI 资讯

Adding server monitoring to my SSH manager without opening a second connection

I use my SSH manager every day. I also use a separate monitoring tool every day. For a long time I just accepted that these were two different things. Then one day I was SSH'd into a server that was behaving weird. I wanted to check if it was CPU or memory, but I had to open a different app, find the server in there, and wait for the dashboard to load. It took maybe 15 seconds. Not a huge deal. But it broke my flow every single time. I already had an SSH connection open to that server. Why was I opening a second thing just to see what was happening to it? That's what pushed me to build server monitoring directly into Termique, the SSH manager I've been working on. The interesting part: reusing the existing SSH connection SSH connections aren't just for terminals. The protocol supports multiple channels over a single TCP connection. You can have a terminal session running in one channel while sending short exec commands through another channel on the same connection. That's how the monitoring feature works. When you open the metrics panel for a server, Termique creates a separate exec channel on the existing SSH connection and polls /proc/stat for CPU, /proc/meminfo for RAM, and /proc/loadavg for system load. Short-lived commands, called on an interval, over the connection you already have open. No second SSH handshake. No separate auth. Just another channel on the same pipe. The tradeoff: you do need an agent I want to be upfront about this. The monitoring feature requires a small agent installed on each server. It's not agentless. I considered going agentless, relying entirely on /proc reads through exec channels. That works fine on most Linux servers. But the agent makes it easier to handle edge cases properly and opens the door for future features like alerts and longer history retention. Without it, I'd be fighting a lot of fragile shell parsing. If you're managing Linux servers, it's a one-command install. Non-Linux systems aren't supported yet. That's a real l

2026-06-29 原文 →
AI 资讯

Git com múltiplas contas: configure trabalho e pessoal no mesmo computador

Você já fez um commit no repositório do trabalho e percebeu que estava com o seu e-mail pessoal? Ou o contrário? Esse é um dos erros mais comuns de quem usa Git com múltiplas contas no mesmo computador. Neste tutorial você vai aprender a configurar tudo corretamente, de uma vez, usando chaves SSH separadas e .gitconfig condicional — sem gambiarras. O problema Por padrão o Git usa uma configuração global: git config --global user.name "Seu Nome" git config --global user.email "seu@email.com" Isso significa que todos os repositórios no seu computador usam o mesmo usuário. Quando você tem contas separadas (ex: joao@empresa.com no GitLab da empresa e joao@gmail.com no GitLab pessoal), os commits vão sair com o e-mail errado. A solução profissional envolve duas partes: Chaves SSH separadas para cada conta .gitconfig condicional que aplica o usuário certo — e a chave SSH certa — por pasta Passo 1 — Gerar as chaves SSH Abra o terminal e gere uma chave para cada conta. Use nomes diferentes para não sobrescrever: # Chave para a conta pessoal ssh-keygen -t ed25519 -C "joao@gmail.com" -f ~/.ssh/id_ed25519_pessoal # Chave para a conta do trabalho ssh-keygen -t ed25519 -C "joao@empresa.com" -f ~/.ssh/id_ed25519_trabalho 💡 Por que ed25519 ? É o algoritmo mais moderno, mais seguro e recomendado pelo GitHub, GitLab e Bitbucket. Evite RSA a menos que seu servidor seja muito antigo. Ao final você terá quatro arquivos em ~/.ssh/ : id_ed25519_pessoal ← chave privada (nunca compartilhe) id_ed25519_pessoal.pub ← chave pública (você registra no GitLab) id_ed25519_trabalho id_ed25519_trabalho.pub Passo 2 — Registrar as chaves no GitLab Para cada conta: Copie o conteúdo da chave pública: # Pessoal cat ~/.ssh/id_ed25519_pessoal.pub # Trabalho cat ~/.ssh/id_ed25519_trabalho.pub Acesse Settings → SSH and GPG keys → New SSH key na conta correspondente e cole o conteúdo. Faça isso nas duas contas , cada uma com a sua respectiva chave pública. Passo 3 — Configurar o Git por pasta (o pulo do gato)

2026-06-24 原文 →
AI 资讯

known_hosts

1. Introduction As the golden standard of secure remote access , the Secure Shell (SSH) protocol has several layers of protection. One of them involves recording and keeping track of the known servers on the client side. known_hosts By default, the known_hosts file for a given user is located at: cat /home/user_name/.ssh/known_hosts github.com ssh-rsa *** github.com ecdsa-sha2-nistp256 *** github.com ssh-ed25519 *** Basically, the file contains a list with several columns, separated by whitespace: Identifying host data Host key type Host key value Optional comment The first column can be hashed or cleartext, depending on the setting of HashKnownHosts in /etc/ssh/ssh_config . When hashed, the first field of each line starts with |1| , a HASH_MAGIC marker. After the latter, the field continues with a random 160-bit string, otherwise known as a salt, followed by a 160-bit SHA1 hash. Each of these is encoded in base64 . The main idea is to hide the IP address or hostname data, which would otherwise be directly visible Either way, known_hosts contains a mapping between a server as identified by its characteristics and its key . ## Known Hosts Checking When connecting to a remote host, SSH checks the known_hosts file of the client to confirm the address or hostname for the server match the key we get from it . If there is a match, the session setup can continue. Otherwise, we get an error. The entry for 192.168.6.66 in the known_hosts file doesn’t match the (Elliptic Curve Digital Signature Algorithm, ECDSA ) key we got back from the server at that address . Critically, if we don’t know what caused the error, we should heed the text in capital letters: something nasty can indeed be happening . On the other hand, the reasons for such an issue can be valid and trivial: dynamic IP address changed hostname reinstalled system reinstalled SSH Docker container misconfigured DHCP relocated client In fact, there can be many more. ## Bypass Known Hosts The error text when connectin

2026-06-01 原文 →