When you try to connect to a remote virtual machine host server and get the Virtual Machine Manager Connection Failure window shown below, the problem should be one of only two things. Either libvirtd really isn’t running and you need to start it, or you don’t have openssh-askpass installed.

With one host connecting and launching dbus sessions, this should work. You can get the variable from running sessions in /proc/ /environ. But as soon as you have multiple hosts, you need to figure out which host you’re coming from.

If you need to forward X the old school unencrypted way, you need to add one line to gdm’s custom.conf file and restart the desktop. Without this, the old “xhost +” won’t do a thing because the out of the box Xorg configuration includes the nolisten tcp flag.

I can see a use of this type of attack for getting around captchas. If I host a web page that gives you access to download free mp3s, and all you have to do is complete a captcha to get it, what if I get that captcha from another site? I mean, when you load my page, I load the site I want to attack and show you their captcha instead?! That would basically make you my captcha-cracking conscript!

Proxytunnel is a program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy. Getting it built seems to be pretty straight forward stuff.

rootninja@rootninja ~ ]$ ssh -Y remotehost “vncserver :1 && vncviewer localhost:1″
Starting applications specified in /home/rootninja/.vnc/xstartup
Log file is /home/rootninja/.vnc/remotehost.com:1.log

Want to have some fun with users that keep ssh’ing to your box? Let them in, then kill them right away. I don’t even remember when/why I wrote this silly script, but here it is. There’s a lot better ways you could do this, and if you want any real ssh security, don’t even let them log in at all.

I just saw a recent article describing some simple ssh attacks that looked a little funny to me. So I figured I’ll test them out. The one that smelled funny was using local and remote port forwarding on itself, localhost. It just doesn’t work on modern linux …

Accessing the hidden VMware ESXi service console was supposed to be done only while working directly with a VMware technician, but it’s just so darn handy when you’re a command line junkie, that how can you resist right?

[user@localhost ~]$  cat ~/.ssh/id_rsa.pub ~/.ssh/id_dsa.pub | ssh user@remotehost ’sh -c “cat - >> ~/.ssh/authorized_keys”‘
You’ll be prompted for the password just this one last time.  This is perfect for running a script that runs several remote commands through ssh.  Here’s a script that checks for your keys and adds them if …