Use a private SSH key to login as another user.
Host name is bandit.labs.overthewire.org
User: bandit13
password: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
Commands used for this level:
ls - List information about the FILE's (the current directory by default).
cat - used to view contents of a file.
openssh - OpenSSH SSH client (remote login program)
Step 1.
After logging in type ls
You will see a file called sshkey.private
Step 2.
What we have is a private ssh key. With ssh the private key is kept on the computer you log in from (the key we have), while the public key is stored on all the computers you want to log in to (more can be read about keys here).
Type cat sshkey.private and you can see what a private key looks like.
Step 3.
So we need to use ssh to login to another users account bandit14@localhost for us.
Type man ssh and we see ssh is a program for logging into a remote machine and for executing commands on a remote machine. If we read down on the man page we see that ssh when used with -i option will use a file with a private key to use for login. We will use our sshkey.private file. We now know our full command to type to remote into bandit14 user.
Type ssh -i ./sshkey.private bandit14@localhost
This command says use ssh, -i says use a specified privatekey file, ./sshkey.private is our key location, and bandit14@localhost is the account we want to login to.
After we enter this command we will be asked: Are you sure you want to continue connecting (yes/no)?
Type yes
We are now connected to bandit14
Step 4.
Now all we need to do is read our password file which is given to us as being in the /etc/bandit_pass/bandit14 file.
Type cat /etc/bandit_pass/bandit14 file and our password for the next level is given 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
when i am typing this command :
ReplyDeletessh -i ./sshkey.private bandit14@localhost
it gives an error :
connect to host localhost port 22: Connection refused
PLZ HELP!!