FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 08-20-2012, 01:59 PM
lina
 
Default Is it possible to hide the ip in ssh connection

Hi,

I ssh to a server which has 400+ users, active ones around 100.

Frankly speaking, I would feel comfortable to hide my IP if possible,

any suggestions (I checked the spoof, but seems not positive),

Thanks with best regards,



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 503242D3.3030108@gmail.com">http://lists.debian.org/503242D3.3030108@gmail.com
 
Old 08-20-2012, 02:02 PM
lina
 
Default Is it possible to hide the ip in ssh connection

On Monday 20,August,2012 09:59 PM, lina wrote:
> Hi,
>
> I ssh to a server which has 400+ users, active ones around 100.
>
> Frankly speaking, I would feel comfortable to hide my IP if possible,
>
> any suggestions (I checked the spoof, but seems not positive),
>
> Thanks with best regards,
>
>
Another question, how do I know whether there are some people are
attempting to invade my laptop, my username, ip are all exposed there.


I do know very little,

Thanks again,


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5032437F.3090709@gmail.com">http://lists.debian.org/5032437F.3090709@gmail.com
 
Old 08-20-2012, 02:22 PM
Gaël DONVAL
 
Default Is it possible to hide the ip in ssh connection

Le lundi 20 août 2012 à 22:02 +0800, lina a écrit :
> On Monday 20,August,2012 09:59 PM, lina wrote:
> > Hi,
> >
> > I ssh to a server which has 400+ users, active ones around 100.
> >
> > Frankly speaking, I would feel comfortable to hide my IP if possible,
> >
> > any suggestions (I checked the spoof, but seems not positive),
> Another question, how do I know whether there are some people are
> attempting to invade my laptop, my username, ip are all exposed there.

An IP address is like your (real) home address.
You are free to send a letter without your true home address on it. You
can spoof it. But then, don't expect a reply: if one is sent, the
recipient would be the one whom address has been spoofed by you.

ssh is like a mail correspondence between you and the remote server: if
you spoof your IP address, you wont be able to use it because you wont
get any reply.

As well, I guess knowing a home address has never helped any robber to
break into a house.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1345472549.4593.19.camel@p76-nom-gd.cnrs-imn.fr">http://lists.debian.org/1345472549.4593.19.camel@p76-nom-gd.cnrs-imn.fr
 
Old 08-20-2012, 02:33 PM
Camaleón
 
Default Is it possible to hide the ip in ssh connection

On Mon, 20 Aug 2012 21:59:47 +0800, lina wrote:

> I ssh to a server which has 400+ users, active ones around 100.
>
> Frankly speaking, I would feel comfortable to hide my IP if possible,
>
> any suggestions (I checked the spoof, but seems not positive),

You mean to hide your ssh remote connecting IP address? If you have
several outgoing network devices you can choose between them to stablish
a connection by means of "-b" argument.

Also, Google seems to return a bunch of results:

http://en.lmgtfy.com/?q=ssh+fake+ip+address

Anyway, I wonder what's what you fear of. You can hide your originating
IP but your username and your activities can be still tracked at least by
the admins >:-)

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/k0thrp$mg3$9@ger.gmane.org
 
Old 08-20-2012, 02:40 PM
Mika Suomalainen
 
Default Is it possible to hide the ip in ssh connection

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 20.08.2012 16:59, lina wrote:
>
> I ssh to a server which has 400+ users, active ones around 100.
>
> Frankly speaking, I would feel comfortable to hide my IP if
> possible,
>
> any suggestions (I checked the spoof, but seems not positive),

Try proxychains and tor. [Homepage] of proxychains says
"* Run SSH, telnet, wget, ftp, apt, vnc, nmap through proxy servers."

[Homepage]:http://proxychains.sourceforge.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: gpg --fetch-keys http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
Comment: Why do I (clear)sign emails? http://git.io/6FLzWg
Comment: Please remove PGP lines in replies. http://git.io/nvHrDg
Comment: Charset of this message should be UTF-8.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJQMkx3AAoJEE21PP6CpGcoBrgP/0KfXYeypxP6XTDYyQskkPv3
Ig7kNwCaTR54hb0OfShFgvQ6/rsoEmb4BkNmP7leuX3wK5pGnMWKOVxUOuOPWOP9
3wjx/B/AkUsYyPYb1QccZ9S20CsOS8C6zXzIkdAKbk3dCRWOj0wa+tcl3 h5yGTzR
PsLo9WZ2Hb1OLwoI2qNzlvxRfduVtnXrX4QC1fN3lMnxC7Y5Lx +JBhE9saST7C/f
4NG8/CQYNoJ0nbRwmh4fgcAE5+8uB5HA7R2PvRrvjrT7rWBCpTf0c2Z S5bpYDxA6
rnBdIcwMLaXA+beSC6NTYU0Hr4TkR8HY6DKASExEVQSluOvWP6 z3mf5ggw51+HYS
sby7hOjOuLvbDKDLQJ/FbAUQ/EixwH+G4Wvpph3fvo6kH5s/MjbXxJfZw7hLUgGV
F7N7RUu8QNV5jJo1ZP5YY6bGd8NQenJF8Go4q9yVVyKgzFfdtA swcGtu7VNYZ00v
4kyogGQv7b6p3huXqrjVS9Mc9GUQ256G5mttzaUyR4aE4/nSC5hbu0fhu+I83Pyb
mBtn+H+9O+O6XWB/OgVhWLCZb3PY+NAM8TvxKpoOJGHPigHQ7iDVrqAzapV82Xl/
cBGwHSyHvGGe2PTbtgyeZEgsnSI/fBlsRxg9Z49CewN5tFWM2sUwOGbU3diLA+rx
WsIYeUhRUl2kU6Zy3vIK
=ZRIM
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 50324C79.40106@users.sourceforge.net">http://lists.debian.org/50324C79.40106@users.sourceforge.net
 
Old 08-20-2012, 02:44 PM
Mika Suomalainen
 
Default Is it possible to hide the ip in ssh connection

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 20.08.2012 17:02, lina wrote:
> On Monday 20,August,2012 09:59 PM, lina wrote:
>>> Hi,
>>>
>>> I ssh to a server which has 400+ users, active ones around
>>> 100.
>>>
>>> Frankly speaking, I would feel comfortable to hide my IP if
>>> possible,
>>>
>>> any suggestions (I checked the spoof, but seems not positive),
>>>
>>> Thanks with best regards,
>>>
>>>
> Another question, how do I know whether there are some people are
> attempting to invade my laptop, my username, ip are all exposed
> there.

If you have SSHd and that is what you are worried about, grep ssh from
/var/log/auth.log .
I'm not sure does that require loglevel being "VERBOSE" in sshd_config.

And you might also want to install something like SSHGuard (package
sshguard) to protect your SSHd and other services, which it protects
from attackers. http://www.sshguard.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: gpg --fetch-keys http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
Comment: Why do I (clear)sign emails? http://git.io/6FLzWg
Comment: Please remove PGP lines in replies. http://git.io/nvHrDg
Comment: Charset of this message should be UTF-8.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJQMk1TAAoJEE21PP6CpGco1eAP/jYli35Dg3KGtL1S8T68yNqM
oqIs02FFR6iQZongOzOpo3l4q53O5rXbKz9g43rCWKRQyIlrBy ObHPAOHlwv6Jcv
lmXT0KUHR88ODBRVFq5Zu7pTDOoSEseif7tAF+HBWLwl5Fwvpl U9/WRLKE1UnRni
1vGbWyqAKTzekmbywQyqxfuqE4alDIRDvPQBawHJwsWmUPLJQi BKPUy/MZ9VhVWM
wvpdGTzoEtU2DUH+f+reuC0UakU45mwAYtb+WV4m82vM5AxS+P UzMvOOwKJUSqe+
+6vuoeJymLUQfb9/wbdyMPcaQ17tauI3w7ltWEKSpO1X89pahC78EeAhHO+YPC46
bNJFHEEzbcD7T24QPz5vkdGQY5QOZ+vcoo0ViaXX1FrqdWPAVb IN5vkSXdBMM/DD
VptVPVPdBAd1XqHOexaED6qt1iSoL62RuZ9oODfJ8wAJ54D14M ZVM0fgXTDH44N6
k774M5/Y3krEmlT5ddscyKMznBnX6JkQobE8DHxBS3UnsqTZU+iKyScNy uGlPDjV
5XeEL2iSINoH7WIKqOu9fZSqTEmGLk9KRp4RrBm/eHVv/0T2GAYLtja+wZ28ZzCB
aWxuq+z2QDegKHKAgvWTGwV3kRLLuWWXtmR2EmXYXVoUzS050q 9Faha5khfEPAAl
CJZSYl37IcGrZyNugz/i
=O+FX
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 50324D55.10007@users.sourceforge.net">http://lists.debian.org/50324D55.10007@users.sourceforge.net
 
Old 08-20-2012, 02:47 PM
Ralf Mardorf
 
Default Is it possible to hide the ip in ssh connection

On Mon, 2012-08-20 at 16:22 +0200, Gaël DONVAL wrote:
> Le lundi 20 août 2012 à 22:02 +0800, lina a écrit :
> > On Monday 20,August,2012 09:59 PM, lina wrote:
> > > Hi,
> > >
> > > I ssh to a server which has 400+ users, active ones around 100.
> > >
> > > Frankly speaking, I would feel comfortable to hide my IP if possible,
> > >
> > > any suggestions (I checked the spoof, but seems not positive),
> > Another question, how do I know whether there are some people are
> > attempting to invade my laptop, my username, ip are all exposed there.
>
> An IP address is like your (real) home address. [snip]

No it's not, it's still secret enough for averaged usage. Only a curt is
able to allow that your IP becomes as open as your "(real) home address"
and that just to a small group of known people. Everybody has a right of
private sphere and IP addresses keep private sphere. If you plan to bomb
the Deutsche Parlament, than don't worry about security issues regarding
to the IP address. If so, you need completely different security, but
hiding your IP. If you, Lina, worry stalking from an ex-boyfriend, than
the IP address is something that he doesn't need, since he knows too
much about you, that is much more informing, how and where you live
today. Conspiration, stalking etc. does happen, but usually nobody needs
an IP. Idiots as lawyers need an IP, to sue fans of mainstream
pop-rock-bands. The Federal (German) Intelligence Service prefers
profilers.

Read the magazine "conspiracy theorist today" .

Regards,
Ralf


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/1345474061.1285.47.camel@localhost.localdomain
 
Old 08-20-2012, 03:09 PM
lina
 
Default Is it possible to hide the ip in ssh connection

On Monday 20,August,2012 10:44 PM, Mika Suomalainen wrote:
> On 20.08.2012 17:02, lina wrote:
>> On Monday 20,August,2012 09:59 PM, lina wrote:
>>>> Hi,
>>>>
>>>> I ssh to a server which has 400+ users, active ones around
>>>> 100.
>>>>
>>>> Frankly speaking, I would feel comfortable to hide my IP if
>>>> possible,
>>>>
>>>> any suggestions (I checked the spoof, but seems not positive),
>>>>
>>>> Thanks with best regards,
>>>>
>>>>
>> Another question, how do I know whether there are some people are
>> attempting to invade my laptop, my username, ip are all exposed
>> there.
>
> If you have SSHd and that is what you are worried about, grep ssh from
> /var/log/auth.log .

This is the first time I know the auth.log

Aug 20 16:06:14 Debian sshd[10509]: Did not receive identification
string from 172.21.48.161
Aug 20 16:06:42 Debian sshd[10510]: Invalid user administrator from
172.21.48.161

Aug 20 16:06:43 Debian sshd[10510]: Failed password for invalid user
administrator from 172.21.48.161 port
56139 ssh2
Aug 20 16:06:44 Debian sshd[10510]: Connection closed by 172.21.48.161
[preauth]

172.21.48.161 is not the ip of any servers I connected to.
and for ssh I use public keys to connect to sever, don't use password.
For the whole day I didn't shut down the laptop, 172.21.50.108 is the
ip, and furthermore I checked
# more syslog | grep 172.21.48.161
# more syslog.1 | grep 172.21.48.161
my laptop has never been bound to this IP before.

I don't know shall I be a bit appalled or not.

> I'm not sure does that require loglevel being "VERBOSE" in sshd_config.
>
> And you might also want to install something like SSHGuard (package
> sshguard) to protect your SSHd and other services, which it protects
> from attackers. http://www.sshguard.net/
Thanks very much.

Best regards,
>
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5032531F.2000204@gmail.com">http://lists.debian.org/5032531F.2000204@gmail.com
 
Old 08-20-2012, 03:15 PM
Lars Noodén
 
Default Is it possible to hide the ip in ssh connection

It looks like it is possible to use Tor as a proxy:

http://www.howtoforge.com/anonymous-ssh-sessions-with-tor

If this document is correct, it is very easy to set up. That would
obfuscate the ip number you are connecting from by adding a jump in the
middle. The target server would only see that last step.

Regards,
/Lars


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 503254A9.6080303@gmail.com">http://lists.debian.org/503254A9.6080303@gmail.com
 
Old 08-20-2012, 03:15 PM
lina
 
Default Is it possible to hide the ip in ssh connection

On Monday 20,August,2012 10:44 PM, Mika Suomalainen wrote:
> On 20.08.2012 17:02, lina wrote:
>> On Monday 20,August,2012 09:59 PM, lina wrote:
>>>> Hi,
>>>>
>>>> I ssh to a server which has 400+ users, active ones around
>>>> 100.
>>>>
>>>> Frankly speaking, I would feel comfortable to hide my IP if
>>>> possible,
>>>>
>>>> any suggestions (I checked the spoof, but seems not positive),
>>>>
>>>> Thanks with best regards,
>>>>
>>>>
>> Another question, how do I know whether there are some people are
>> attempting to invade my laptop, my username, ip are all exposed
>> there.
>
> If you have SSHd and that is what you are worried about, grep ssh from
> /var/log/auth.log .

BTW, what is the 172.21.48.161, seems in the old auth.log* also has this
one.

# zmore auth.log.2.gz | grep 172.21.48.161
Aug 5 16:05:13 Debian sshd[15369]: Did not receive identification
string from 172.21.48.161
Aug 5 16:05:36 Debian sshd[15370]: Invalid user administrator from
172.21.48.161
Aug 5 16:05:36 Debian sshd[15370]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 5 16:05:38 Debian sshd[15370]: Failed password for invalid user
administrator from 172.21.48.161 port 54999 ssh2
Aug 5 16:05:40 Debian sshd[15370]: Connection closed by 172.21.48.161
[preauth]
Aug 6 04:04:45 Debian sshd[19015]: Did not receive identification
string from 172.21.48.161
Aug 6 04:05:09 Debian sshd[19016]: Invalid user administrator from
172.21.48.161
Aug 6 04:05:09 Debian sshd[19016]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 6 04:05:10 Debian sshd[19016]: Failed password for invalid user
administrator from 172.21.48.161 port 59847 ssh2
Aug 6 04:05:11 Debian sshd[19016]: Connection closed by 172.21.48.161
[preauth]
Aug 6 16:06:08 Debian sshd[23030]: Did not receive identification
string from 172.21.48.161
Aug 6 16:06:29 Debian sshd[23032]: Invalid user administrator from
172.21.48.161
Aug 6 16:06:29 Debian sshd[23032]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 6 16:06:31 Debian sshd[23032]: Failed password for invalid user
administrator from 172.21.48.161 port 49880 ssh2
Aug 6 16:06:32 Debian sshd[23032]: Connection closed by 172.21.48.161
[preauth]
Aug 7 04:04:44 Debian sshd[916]: Did not receive identification string
from 172.21.48.161
Aug 7 04:05:07 Debian sshd[917]: Invalid user administrator from
172.21.48.161
Aug 7 04:05:07 Debian sshd[917]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 7 04:05:09 Debian sshd[917]: Failed password for invalid user
administrator from 172.21.48.161 port 55548 ssh2
Aug 7 04:05:23 Debian sshd[917]: Connection closed by 172.21.48.161
[preauth]

Thanks again,

Best regards,


> I'm not sure does that require loglevel being "VERBOSE" in sshd_config.
>
> And you might also want to install something like SSHGuard (package
> sshguard) to protect your SSHd and other services, which it protects
> from attackers. http://www.sshguard.net/
>
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 503254AB.8030203@gmail.com">http://lists.debian.org/503254AB.8030203@gmail.com
 

Thread Tools




All times are GMT. The time now is 02:42 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org