First of all not being able to connect to your Ubuntu server via SSH as root is ‘by design’, and it’s a perfectly good security measure. I do find it interesting that every hosting company I ever used, spin up a new machine and then email me the root password and they’ve enabled it anyway?
I needed to enable this recently and the internet is full of posts saying ‘just edit the config file, and restart the service’. What they don’t tell you is that the root user is disabled by default, even with a valid password, IT STILL WONT WORK!
Solution
Connect to your Ubuntu machine, and reset the root user password, (so you know what it is).
[box]sudo passwd root[/box]
As shown you will need to enter your password first, then enter and confirm a new root password.
Then ‘unlock the root account’;
[box]sudo passwd -u root[/box]
Note: If you ever want to ‘lock‘ it again, use (sudo passwd -l root).
Now you can edit the sshd config file;
[box]sudo nano /etc/ssh/sshd_config[/box]
Locate the line ‘PermitRootLogin’ and change it so it ONLY says yes (as below).
Note: Here I’m also changing the SSH port (to 2223 in this example, from the default port of 22), I usually change the default SSH port.
Now finally, restart the SSH Daemon, (that always looks like it’s spelled incorrectly!) With the following command;
[box]sudo service sshd restart[/box]
Don’t forget if, (like me) you changed the port, you will need to specify that in your client connection software (i.e. PuTTy or RoyalTSX).
Related Articles, References, Credits, or External Links
Every time I go to a networking event theres a sea of MacBooks in the audience, If techs like MacBooks so much why is there such a lack of decent Mac TFTP software?
Solution
The thing is, I’m looking at the problem with my ‘Windows User’ head on. When I have a task to perform I’m geared towards looking for a program do do that for me. OS X is Linux (There I said it!) Linux in a pretty dress, I’ll grant you, but scratch the surface a little bit and there it is.
Why is that important? Well your already holding a running TFTP server on your hand, your MAC is already running a TFTP server, you just need to learn how to use it.
MAC TFTP Server (OS X Native)
As I said it’s probably running anyway, but to check, open a Terminal window and issue the following command;
[box]netstat -atp UDP | grep tftp[/box]
If it’s not running you can manually start and stop the TFTP server with the following commands;
Note: In macOS Catalina, it’s disabled by default, so if you don’t manually start it, you will see errors like;
[box]
%Error reading tftp://192.168.1.20/cisco-ftd-fp1k.6.6.0-90.SPA (Timed out attempting to connect)
[/box]
It would normally go without saying, but If I don’t say it, the post will fill up with comments! Make sure your Mac is physically connected to the same network as the network device, and has an IP address in the same range.
And make sure the device, and the Mac can ‘ping’ each other.
Use Mac TFTP Deamon To Copy a File To a Network Device
I’ve got a Cisco ASA 5505, but whatever the device is, does not really matter. You will have a file that you have downloaded, and you want to ‘send’ that file to a device. This file will probably be in your ‘downloads’ folder, the TFTP deamon uses the /private/tftpboot folder so we are going to copy the file there. Then set the correct permissions on the file.
[box]
cd ~/Downloads
cp FILENAME /private/tftpboot
cd /private/tftpboot
chmod 766 FILENAME
To set permissions on ALL files in this directory.
You can then execute the command on your device to copy the file across;
[box]
ciscoasa# copy tftp flash
Address or name of remote host []? 192.168.1.5
Source filename []? asa825-59-k8.bin
Destination filename [asa825-59-k8.bin]? {Enter}
Accessing tftp://192.168.1.5/asa825-59-k8.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asa825-59-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
15482880 bytes copied in 12.460 secs (1290240 bytes/sec)
ciscoasa#
[/box]
Use Mac TFTP Deamon To Copy a File From a Network Device
There is a gotcha with the TFTP daemon, which is you cant copy a file to the TFTP daemon if that file does not already exist there. Which at first glance sort of defeats the object, but what it really means id you have to have a file there with the same name and the correct permissions on it. In Linux you can create a file with the ‘Touch’ command.
[box]
cd /private/tftpboot
touch FILENAME
chmod 766 FILENAME
[/box]
You can then sent the file to your Mac from the device;
[box]
ciscoasa# copy flash tftp
Source filename []? asa825-59-k8.bin
Address or name of remote host []? 192.168.1.5
Destination filename [asa825-59-k8.bin]? {Enter}
Writing file tftp://192.168.1.5/asa825-59-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
15482880 bytes copied in 9.940 secs (1720320 bytes/sec)
ciscoasa#
[/box]
I Want Mac OS X TFTP Software!
Well you have a limited choice, if you don’t like using the Mac TFTP Daemon. You can install and use a GUI front end that uses the built in TFTP software.
But if you want a ‘stand-alone’ piece of software then the only other one I’ve found is PumpKIN, you will need to disable the built in TFTP daemon or it will throw an error.
Related Articles, References, Credits, or External Links