I would like to setup a SSH Server on my PC and access it from Internet but I would like to be notified on each SSH successful connection (maybe on fail too in order to check if there no Bruteforce attack). I'm using OpenSSH-Win64 but I can't see any option to execute a batch file to make a CURL call. I saw that on Linux it is possible to use ForceCommand but the command seems not to work on Windows.
I tried to add this on the end of the file sshd_config file :
ForceCommand C:/tools/send_sms.bat
send_sms.bat :
curl --header "Access-Token: <myToken>" --header "Content-Type: application/json" --data-binary "{\"data\":{\"addresses\":[\"<myPhoneNumber>\"],\"message\":\"Someone successfully connected with SSH\",\"target_device_iden\":\"<myDeviceId>\"}}" --request POST https://api.pushbullet.com/v2/texts
but nothing happen on successful connection although the bat works on manual execution.
I could watch C:\ProgramData\ssh\logs\sshd.log file but it's a little bit tricky.
Does someone have any solution/idea?
Thank you
Has anyone encountered a file that has an extension of ".ehi" before?
If I open it using Wordpad, its contents are not readable strings.
What app should I use in order to open this file type?
What is an EHI file?
Config file used by HTTP Injector, an Android app used to modify
requests and access blocked websites behind firewall with SSH support
and proxy server; contains settings that configure HTTP Injector,
which includes server login credentials and security/locking
information.
Based on this information, it makes sense that the data isn't stored in plain text. The credentials are likely encrypted or otherwise stored in an obfuscated format to help prevent unauthorized access.
Source: https://fileinfo.com/extension/ehi
I currently have dovecot and postfix set up, and I can log in locally because rainloop web mail works perfectly fine for both sending and receiving. However, all external login attempts simply fail, even with the correct username and password. How can I allow external logins(any config file changes, etc.)?
Please let me know about any error logs that might help, and I'll add them to this question.
I am not sure about what you mean when you say "External login",
but if you want to connect from a Mail client as Outlook for example, you should follow the steps of this tutorial : https://support.rackspace.com/how-to/dovecot-installation-and-configuration-on-centos/
Then you would be able to connect Outlook (or any other mail client) to your local Postfix mail directory from any server that is connected to the same local network
Hope it helps !
Does LibCurl provide some functionality to produce tokens or hash/salt a string and shared secret? My c++ program will upload files to the server and my server script will authenticate that the HTTP post is coming from my c++ application and not someone else. So I'll send a auth token or hash in the query string that the server script can compare with its own to authenticate the request.
I've seen that you can authenticate using curl --user name:password http://www.example.com but can't a user just read the binary executable and see the username and password?
Although, maybe I am reinventing the wheel with my auth approach. Does LibCurl or another c++ provide the ability to perform shared-secret authentication?
I haven't tried this, but since the command line supports a netrc file as described here https://stackoverflow.com/a/27894407/1542667. This is more secure when using the command line as you don't make your password visible to everyone on the same host via the ps command.
It looks like you could use the same approach for libcurl
https://curl.haxx.se/libcurl/c/CURLOPT_NETRC_FILE.html
I know you can download the raw access logs with appcfg.py, but I'm really interested in all the information around a specific request like python logging statements, exceptions and api statistics (just like the online log viewer). Does anyone know if there is a way to get that information another way then having to build it yourself?
If case anyone is wondering, we want to do some continuos statistical analyzing for problems and displaying them on a large screen on a wall in the office.
Sure - just pass the --severity flag to appcfg.py:
$ appcfg.py help request_logs
Usage: appcfg.py [options] request_logs <directory> <output_file>
Write request logs in Apache common log format.
The 'request_logs' command exports the request logs from your application
to a file. It will write Apache common log format records ordered
chronologically. If output file is '-' stdout will be written.
Options:
-h, --help Show the help message and exit.
-q, --quiet Print errors only.
-v, --verbose Print info level logs.
--noisy Print all logs.
-s SERVER, --server=SERVER
The server to connect to.
--insecure Use HTTP when communicating with the server.
-e EMAIL, --email=EMAIL
The username to use. Will prompt if omitted.
-H HOST, --host=HOST Overrides the Host header sent with all RPCs.
--no_cookies Do not save authentication cookies to local disk.
--passin Read the login password from stdin.
-A APP_ID, --application=APP_ID
Override application from app.yaml file.
-V VERSION, --version=VERSION
Override (major) version from app.yaml file.
-n NUM_DAYS, --num_days=NUM_DAYS
Number of days worth of log data to get. The cut-off
point is midnight UTC. Use 0 to get all available
logs. Default is 1, unless --append is also given;
then the default is 0.
-a, --append Append to existing file.
--severity=SEVERITY Severity of app-level log messages to get. The range
is 0 (DEBUG) through 4 (CRITICAL). If omitted, only
request logs are returned.
--vhost=VHOST The virtual host of log messages to get. If omitted,
all log messages are returned.
--include_vhost Include virtual host in log messages.
--end_date=END_DATE End date (as YYYY-MM-DD) of period for log data.
Defaults to today.
This is what works for us really well:
appcfg.py --append --num_days=0 --include_all request_logs /path/to/your/app/ /var/log/gae/yourapp.log
Anyway, the line above will get all your log records and append them to a log file if you've executed this before, if not, it will create a new log file. It actually looks at your existing log (if it's there) and it will not get any duplicates. You can run this without --append if you want, but use it if you are automating log downloads.
The key here is the --include_allflag which seems to be undocumented. This flag will get all the data that you see if you use GAE's web log viewer. So, you will get fields such as: ms=71 cpu_ms=32 api_cpu_ms=12 cpm_usd=0.000921... etc.
OK, I hope that helps someone.
BTW, we wrote up a blog post on this, check it out here.
I seem to be running into 100M limit with appcfg. I ended up using logservice API to get the logs
Here's the code - https://github.com/manasg/gae-log-fetcher
Here is a way to access raw logs so you can further processing without custom parsing (also for me request_logs is not downloading all the data for specified time frame).
Here is an app which runs in the appengine itself:
https://gaelogapp.appspot.com/
You can easily add this functionality to your app with updates to app.yaml and copy logs.py:
https://github.com/okigan/gaelogapp