Ubuntu Server SSH configuration file help

This is my sshd_config file settings I can connect to my server with my pc using public key but I can also connect from another pc with the password of sudo user account. How can make the login possible only with public key in SSH and SFTP? Thanks a lot

# This is the sshd server system-wide configuration file.  See # sshd_config(5) for more information.  # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin  # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented.  Uncommented options override the # default value.  #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress ::  #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key  # Ciphers and keying #RekeyLimit default none  # Logging #SyslogFacility AUTH #LogLevel INFO  # Authentication:  LoginGraceTime 1m PermitRootLogin without-password #StrictModes yes MaxAuthTries 3 #MaxSessions 10  PubkeyAuthentication yes  # Expect .ssh/authorized_keys2 to be disregarded by default in future. #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2  #AuthorizedPrincipalsFile none  #AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody  # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes  # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no  # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no  # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no  # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no  # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication.  Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM no  #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none  # no default banner path #Banner none  # Allow client to pass locale environment variables AcceptEnv LANG LC_*  # override default of no subsystems Subsystem   sftp    /usr/lib/openssh/sftp-server  # Example of overriding settings on a per-user basis #Match User anoncvs #   X11Forwarding no #   AllowTcpForwarding no #   PermitTTY no #   ForceCommand cvs server 

Can’t help the engine to choose the correct execution plan

The stuff are pretty complex to share the original code (a lot of routines, a lot of tables), so I will try to summarize.

Environment:

  • SQL Server 2016
  • standard edition

Objects:

  • wide table with the following columns:

    ID BIGINT PK IDENTITY Filter01  Filter02  Filter03  .. and many columns    
  • stored procedure returning visible ID from the given table depending on filter parameters

  • the table has the following indexes:

    PK on ID NCI on Filter01 INCLUDE(Filter02, Filter03) NCI on Filter02 INCLUDE(Filter01, Filter03) 

Basically, in the routine I am creating three temporary tables – each holding current filtering values and then join them with the main table. In some cases, Filter02 values are not specified (so the join with this table is skipped) – the other tables are always joined. So, I have something like this:

SELECT * FROM maintable  INNER JOIN #Filter01Values -- always exists INNER JOIN #Filter02Values -- sometimes skipped INNER JOIN #Filter03Values -- always exists 

So, how the IDs are distributed – in 99% of the cases it will be best to filter by Filter02Value and I guess, because of this, the engine is using the NCI on Filter02 INCLUDE(Filter01, Filter03) index.

The issue is that in the rest 1% the query fails badly:

enter image description here

In green is the Filter02 values table and you can see that filtering on this does not reduce the read rows at all. Then when the filtering by Filter01 is done (in red) about 100 rows are returned.

So, this is happening only when the stored procedure is executed. If I execute its code with these parameters I nice execution plan:

enter image description here

In such case, the engine is filtering by Filter01 first and Filter02 third.

I am building and executing dynamic T-SQL statement and I add OPTION(RECOMPILE) at at the end, but it does not change anything. If I add WITH RECOMPILE on the stored procedure level, everything is fine.

Note, the values in the temporary tables for filtering are not populating in the dynamic-tsql statement. The tables are defined, populated and then the statement is built.

So, my questions are:

  • is the engine building a new plan for my dynamic statement as I have OPTION(recompile) – if yes, why is wrong
  • is the engine using the values populated in my filter02 temporary table to build the initial plan – maybe yes, that’s why it is choosing the wrong plan
  • using recompile on procedure level feels very hard/lazy fix – do you have any ideas how I can assist the engine further and skip this option – new indexes for examples (I have try a lot)

Nystul’s Magic vs Scrying. Does it in any way help a target in hiding from a scry?

I’ve not been able to find an answer to this. If it has been addressed, or if I am overlooking something obvious, I apologize.

The potential interaction of the two spells, seems ambiguous to me. And I can’t figure out if there is a possibility that Nystul’s Magic Aura might serve to cloud a Scrying attempt.

Are the examples listed under the two options, False Aura and Mask, to be understood as exhaustive? Because in spite of many people often jumping to the, “if the spell doesn’t say it does something, it doesn’t do it” argument, I often see a ruling going against that “dogma”.

Nystul’s Magic Aura:

You place an illusion on a creature or an object you touch so that divination spells reveal false information about it. The target can be a willing creature or an object that isn’t being carried or worn by another creature. When you cast the spell, choose one or both of the following effects. The effect lasts for the duration. If you cast this spell on the same creature or object every day for 30 days, placing the same effect on it each time, the illusion lasts until it is dispelled.

False Aura. You change the way the target appears to spells and magical effects, such as detect magic, that detect magical auras. You can make a nonmagical object appear magical, a magical object appear nonmagical, or change the object’s magical aura so that it appears to belong to a specific school of magic that you choose. When you use this effect on an object, you can make the false magic apparent to any creature that handles the item.

Mask. You change the way the target appears to spells and magical effects that detect creature types, such as a paladin’s Divine Sense or the trigger of a symbol spell. You choose a creature type and other spells and magical effects treat the target as if it were a creature of that type or of that alignment.

Accidentally let party wander into a high level situation, how do I help them get out without cheesing?

TL;DR – due to poor planning on my part in my sandbox-esque game, a party of four Level 5s (fighter, warlock, non-healer bard, wizard) is about to wander into a high level situation and I’d like them to not die while still letting them accomplish something.

Here’s the situation.

The party recently emerged from the Feywild to find that two months had passed on the outside. They ended up near the capital city. Okay, cool. I prepare some rumors they can dig up so they can help find out what they missed. One character in particular has a lot of backstory in the capital, so we hashed out some of the relevant NPCs.

In an attempt to set up and highlight how tensions are escalating in the kingdom with the threat of war on the horizon, as well as to set up an NPC Big Bad later, I let them find out that some people around the capital have been “disappearing” on order of the Queen’s Spymaster because they were suspected of being spies for the enemy empire. The Queen herself has been rumored to be ill and has definitely become hard to get a hold of. One of the NPCs who disappeared was one of a character’s school friends, who we’d hashed out the existence of between sessions.

Now, these disappearances were all on trumped up charges. The character who’d spent the most time in the capital actually is a spy for the enemy empire and would know this. She was adamant – and correctly so – that her friend was innocent.

What I expected to happen – and this is on me – was that they’d hear that the second most powerful person in the kingdom had a direct hand in these events and get out of town. The entire group is Level 5. I expected this entire setup to be set dressing for stuff they’d deal with later. It’s not like they don’t have a lot of side quests and leads to chase down elsewhere.

Instead, they resolved to do whatever they could to rescue this girl and get to the bottom of the situation.

Here’s what I know that they have no feasible way to find out at this point:

  • The Queen’s Spymaster has defected – she’s orchestrating events to deliberately try and undercut faith in the government as well as generally sow chaos
  • She’s not operating in the good faith the group assumes she is. This is not an innocent mistake or paranoia they can assuage.
  • The Queen’s Spymaster is actually one of the six heroes of long ago legend and is thus a Level 15 assassin living in secret.
  • The Queen herself is not even in the city at this time, and (as a high level sorcerer) she’s left a simulacrum in her place to help allay suspicion.
  • The group has rolled really badly on Perception checks to see if they’re being tailed and they are, in fact, being intermittently tailed.

    I don’t want to punish them for jumping in to this plot with both feet. I don’t want to stonewall them from finding this missing girl since they’re super invested in doing so, and they know she’s still in the city.

How can I help arrange things so they have a chance of succeeding while still putting them in a reasonable amount of danger?

Can you help me crack this hash?

i need help with this: for an exercise i need to crack this hash $ apr1$ cy5UgTjB$ 1D.TuLHrP.Q5ZN7evMbRS1 I found with hash-identifier that it’s a MD5(APR) hash, -m 1600 in hashcat. So i runned:

hashcat -a 0 -m 1600 $  apr1$  cy5UgTjB$  1D.TuLHrP.Q5ZN7evMbRS1 /usr/share/wordlists/rockyou.txt --force 

But i get this error

Hash 'D.TuLHrP.Q5ZN7evMbRS1:asltey': Separator unmatched No hashes loaded. 

Do you know why? Thank you.

Algorithm complexity exercise, please help

For a certain problem two solution algorithms (A1 and A2) with the following execution times have been found:

  • $ A1: T(n)=4n^2 +7log(n^2)$
  • $ A2: T(n) = 4T(n/2) + log(n)$

Say, technically justifying the answer, which of the two algorithms is preferable for input of size sufficiently large

Here my solution

For $ A1$ there is no recursion, the predominant term is $ 4n^2$ so we can say:

Complexity of $ A1 = O(n^2)$

For $ A2$ we do have recursion, Let’s use the Master Theorem:

$ a = 4$ , $ b = 2$ and $ f(n) = log(n)$

$ $ f(n) < n^{\log_{b} a}$ $ $ $ log(n) < n^{\log_{2} 4}$ $ $ $ log(n) < n^2$ $

Case 1:
Complexity of $ A2 = \theta(n^2)$

Here come my question, which one is preferable and why ?

I’d say we have no difference since both algorithms have an upper bound of $ c*n^2$

Need help with previous “Automata / Theory Of Computation” exam question

I passed by this question in a previous exam while studying for the “Automata / Theory Of Computation” and I am struggling to find answer. I would appreciate it if someone can help me with it:

This is the question:

a)On the basis of what was covered in class, draw the Venn diagram representing the following sets:

1.REXP: the set of the language given by all regular expressions

2.DFSA: the set of all languages recognized by deterministic FSAs

3.NFSA: the set of all languages recognized by non-deterministic FSAs

4.CFG: the set of all languages generated by context free grammars

5.PDA: the set of all languages recognized by PDAs

Need help for integrating inventory management system with auction sites

Hi guys..

I am currently required to develop an inventory management system for used cars that posts and retrieves data from single/multiple auction sites. The inventory management system should be standalone and it can integrate with the existing auction sites like eBay etc. or for demonstration purposes, can be shown on a separate new auction site. Can you guys please help me as to where to start with this and if there are any ready-made scripts available that suit this purpose? Please help

Would a person affected by Hypnotic Gaze scream for help?

The level 2 Wizard Enchantment tradition feature, Hypnotic Gaze, does the following:

Starting at 2nd level when you choose this school, your soft words and enchanting gaze can magically enthrall another creature. As an action, choose one creature that you can see within 5 feet of you. If the target can see or hear you, it must succeed on a Wisdom saving throw against your wizard spell save DC or be charmed by you until the end of your next turn. The charmed creature’s speed drops to 0, and the creature is incapacitated and visibly dazed.

Would a person affected by Hypnotic Gaze scream for help?

From my reading of the ability, there is nothing preventing the charmed creature from realizing its condition and screaming for help.

How could learning hacking help me secure myself?

I am mostly interested in the branch of web hacking (the one most used by bug hunters), usually the two types of hackers are the black hat hackers, those who attack, and the white hat hackers the ones who defends.

My question is: If someone learned web hacking for the purpose of defending and searching for bugs, how can this field of study affect his daily life protection and privacy? Would it be useful to learn this type of hacking for personal security? (i.e. the security of my laptop and network etc.)

And what could be some best branches of hacking that are useful for securing and protecting myself? And what other benefits would I get by learning hacking assuming that I am not considering it as my future career like working as cyber security or something?