“Ghost in the Shell - Remake” (theshell.xyz)
252 points by daverstam on April 24, 2017 | 84 comments

SSH automatically presents a public key to the server when trying to authenticate. If the server doesn't know that key, then SSH tries the next one. You can enumerate all of someone's keys this way (like https://blog.filippo.io/ssh-whoami-filippo-io/ SSH server does)

If you want to disable this sort of behaviour you can disable SSH from sending keys automatically, and then tell SSH which identity files need to be sent to each host.

In your .ssh/config, something like:

    # Ignore SSH keys unless specified in Host subsection
    IdentitiesOnly yes

    # Send your public key to github only
    Host github.com
        IdentityFile ~/.ssh/id_rsa


If you want to do this only for a single invocation, this will work:

  ssh -o IdentitiesOnly=yes -i /dev/null host

Specifying just IdentitiesOnly is not enough.

> Specifying just IdentitiesOnly is not enough.

In what manner?

With IdentitiesOnly, any explicitly configured via IdentityFile, or the default identity file if none are configured explicitly, is/are still sent. Using "-i /dev/null" in combination with IdentitiesOnly prevents that.

Interesting. If you're right, the manual leaves out the rather critical "or the default identity file" bit:

> Specifies that ssh(1) should only use the authentication identity and certificate files explicitly configured in the ssh_config files or passed on the ssh(1) command-line, even if ssh-agent(1) or a PKCS11Provider offers more identities.

I verified the behavior with ssh -vv (macOS Sierra).
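
Added example (not part of the thread): one way to check which identities a client actually offered is to filter `ssh -v` debug output for its "Offering ... public key" lines and compare them with the keys you meant to send. The log lines, paths and fingerprints are constructed, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the thread. Sample data below is constructed.

# offered_keys: read `ssh -v` debug output on stdin and print each identity
# the client offered, one per line. Covers both message layouts:
#   debug1: Offering public key: <path|comment> <TYPE> <fingerprint> [agent|explicit]
#   debug1: Offering <TYPE> public key: <path|comment>
offered_keys() {
    sed -n \
        -e 's/^debug1: Offering public key: \([^ ]*\).*/\1/p' \
        -e 's/^debug1: Offering [A-Za-z0-9-]* public key: \([^ ]*\).*/\1/p'
}

# unexpected_offers ALLOWED...: print offered identities that are not in the
# allow list passed as arguments (hypothetical helper).
unexpected_offers() {
    offered_keys | while IFS= read -r key; do
        ok=no
        for allowed in "$@"; do
            if [ "$key" = "$allowed" ]; then ok=yes; fi
        done
        if [ "$ok" = no ]; then printf '%s\n' "$key"; fi
    done
}

# Constructed sample of client debug output: a default key, an agent key,
# and the key intended for this host.
SAMPLE_LOG='debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/alice/.ssh/id_rsa RSA SHA256:CONSTRUCTED-FP-1
debug1: Authentications that can continue: publickey
debug1: Offering public key: alice@laptop ED25519 SHA256:CONSTRUCTED-FP-2 agent
debug1: Authentications that can continue: publickey
debug1: Offering ECDSA public key: /home/alice/.ssh/work_ecdsa
debug1: Server accepts key: /home/alice/.ssh/work_ecdsa'

# Only work_ecdsa was meant for this host; anything printed here leaked.
printf '%s\n' "$SAMPLE_LOG" | unexpected_offers /home/alice/.ssh/work_ecdsa
```

Against a live client, feed it the debug stream instead of the sample: `ssh -v host 2>&1 | unexpected_offers /path/to/intended_key`.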

Or just never install an identity in the default location (.ssh/id_*)

Serious question, what's the real harm in this since it's just public keys? Just allowing a server to discover all the other servers you may have been talking to?

Someone pulled the public keys of github and created a ssh server that would greet you by your username/name.

Configuring your ssh correctly would avoid a specific system to link you to another one. More privacy issue than security.

In most cases, no real harm. However, it does give away some information about you which can be used to fingerprint you. This data is also, I'm 99% sure, transmitted in plaintext, so a passive adversary can gather this information as well. For most uses I wouldn't worry about it. But, if you're an attacker, say forcing your way onto an SSH server with a weak password, it can be a valuable source of information for identifying you.

> This data is also, I'm 99% sure, transmitted in plaintext

I was curious about this, so I did some research.

First, if you run `ssh -v`, you can see that there's a key exchange (eg, Diffie-Hellman), then a cipher and MAC are negotiated, and only once you get to the user authentication portion do your public keys get sent to the server.

So, only Alice and Bob can see the public keys: not Mallory.

Further reading: SSH transport layer, https://tools.ietf.org/html/rfc4253

Ah yes, you're right! I remembered there is some stuff transmitted in plaintext at the beginning, but it's just the normal SSL cipher-suite negotiation.

If you have multiple ssh keys, that can easily make you run out of login attempts. I have a key per server/client pair (because I'm weird), all stuffed into my ssh-agent, so that breaks basically all logins for me.

So, to stop it iterating through your keys for a single host, you have to specify IdentitiesOnly globally? That would explain why I couldn't make it work last time I tried it.

If I recall correctly, if you specify it for a single host, it tries all your default keys then tries the specified key if nothing else worked. Which seems weird and wrong to me, but what do I know. Anyway, thanks for (possibly) solving a mystery for me.

I couldn't quickly remember how to not send my public keys at all, so I did "sudo -u nobody ssh ..." instead.

Are you sure it's not IdentitiesOnly=yes instead? Or do both work? (I have this line in my config: VisualHostKey=yes )

Tl;dr: both work. From the ssh_config man page:

  Configuration options may be separated by whitespace or
  optional whitespace and exactly one `='; the latter format 
  is useful to avoid the need to quote whitespace when
  specifying configuration options using the ssh, scp, and
  sftp -o option.

I wish Serial Experiments Lain got as much recognition and discussion around it as GitS. SE:L seems to have more to do with being an actual hacker.

I loved SE:L. But like many hacking-oriented shows (I'm looking at you, Mr. Robot) it felt a need to go out into weird philosophical "what is reality?" and psychological strangeness.

I would love to see something that stays with the stuff I actually like about them. Philosophy and psychological exploration can be fine but I would absolutely love to see a show like one of those that stays closer to the ground.

GitS is primarily cyberpunk as I see it rather than focused on hacking. Hacking is just an element. Lain is focused on philosophy, psychology and spiritual weirdness and uses technology for aesthetics and as a tool to explore the bigger themes.

I'd love something like a heist-movie that stays close to the keyboard, like the most techie and coherent parts of Mr. Robot.

I don't think the technology in Lain was merely aesthetic. Sure, it did not behave literally like real world technology, but its dynamics within the show mirror its more subtle dynamics in the real world in a very exaggerated way. It's essential to Lain that technology and spirituality form an alloy. And beneath the lofty spiritual themes, there's Lain's """personal""" psychology, a glimpse into the mind of a technological super-intelligence.

Human societies and technological infrastructure are already complex enough to behave sort of like intelligent beings. They comprise humans and machines but are inhuman and more than mechanical. I find Lain to be one of the most thought provoking examinations of the psychology of such super-intelligence that I've enjoyed.

I've been hoping for a while that we'd get this kind of movie. And I do think we're getting closer to it. There are a few recent movies that provide hints about how a film could successfully capture a hacking experience:

- The research scenes in The Girl with the Dragon Tattoo.
- The texting scenes in Personal Shopper and House of Cards.

Does anyone have any other recommendations of close-to-the-keyboard style portrayals of communication, research, and hacking?

Is this The Girl with the Dragon Tattoo as in the American version? I haven't watched that, worthwhile? Being from Sweden I did read the books and see the Swedish films :)

It's old, but I thought _Sneakers_ [1] did a great job.

[1] https://en.wikipedia.org/wiki/Sneakers_(1992_film)

The philosophy of GitS is more around "what is human identity?" but it does so through the conventional framework of the cyberpunk genre, and so those explorations into the mind are linked to technological advancement, and so, hacking is central.

This is exactly what I miss from tech/sci-fi - so much of it becomes increasingly philosophical and abstract instead of delivering (what I think) is a good solid intriguing plot.

I don't know if you watched any of the GitS TV series, but one was unwatchable because they kept on quoting French philosophers while virtual reality. Half an episode was essentially watching people argue on chat about something young me cared nothing about. DBZ was more entertaining at that point.

I've watched them all except the latest Arise prequel series. And yes, they definitely delved into too abstract a lot. Probably my favorite anime show but a good 25% could easily be cut out.

Hackers got most of it right.

Indeed. I find the expression "Ugh, hardcopy.." very useful in my day to day life :)

>being an actual hacker.

And GITS is not? I relate more with the Laughing Man than whatever the hell happens in SEL. You know the girl is dead and her spirit lives in a computer, right? SEL has more to do with spirituality than technology while GITS is almost exclusively tech and politics focused.

I had a chance to see the new movie a week ago and was pretty blown away by the levels of future-shock I experienced. I think they did a wonderful job building off the anime and manga to re-build the GITS world in live action. The first half of that movie had me enthralled at how good of a job was done here. I really think from set-design, costume, and setting perspectives this movie on par with visual feasts from the 70s/80s like Bladerunner, Dune, Star Wars, or Alien.

Story-wise it's a poorly paced and milquetoast origin story that we've seen a million times. If this production had a more daring script I think we'd see the wisdom of trying to bring it to the big screen as live action. "Mindfuck" anime like SEL really isn't going to translate well, and trippy mindfuck stories have been beaten to death by now and are just another tiresome trope. Worse, it would have even less of an anticipated audience thus budget which would force the production into cheesy B-movie territory. It's also a non-existent franchise while GITS is an established fan favorite and for fairly valid reasons including a focus on the realpolitik of power, terrorism, technology, cybercrime, etc which a lot of other tech-oriented stories simply get wrong and lean far too often on a simplistic 'right vs wrong' moralism.

> I really think from set-design, costume, and setting perspectives this movie on par with visual feasts from the 70s/80s like Bladerunner, Dune, Star Wars, or Alien.

For those who haven't seen the live-action movie, Kotaku just put up an article showcasing some of the concept art:


(Except for die-hard fans of GitS, I would not recommend the new movie.)

>GITS is almost exclusively tech and politics focused

Tbh I really liked the spiritual themes from GitS. It's in the original movie, also in 2004 Innocence, and at the finale of 2008 Solid State Society (not going to make sense without seeing the whole anime series start to finish)

I think GiTS does a good job with its philosophical aspects, but GiTS doesn't only exist to sell a large philosophical thesis like SEL does. The philosophy is part of the overall picture, and even then it's a minority part. SEL is just a metaphor using computers for spirituality while GiTS very much is a traditional cyberpunk work. When Section 9 is called in to stop terrorists, it's often not an excuse to pontificate on 'what is real,' often it's about other themes like the weight of history and the causes of terror, the victims of a world where technology and politics changes so quickly, how hacking in a tech dominated world can be so disruptive, and how security forces and governments respond to these threats.

Also to be fair, when we look at the original movie, it's more about AI rights than an avant-garde pondering of "dead waifus living in the ether" SEL is based on. I would classify these two things as completely different categories. One is a fairly rational take on the age old "Are AI alive" argument while the other is more or less fantasy dressed up as sci-fi.

>And GITS is not?

>seems to have more to do with being an actual hacker

>seems to have more to do

I would also like to give a shout out to Texhnolyze and Haibane Renmei (pretty much the fantasy part of "Hard-Boiled Wonderland and the End of the World"), which have most of the same staff members from SE:L.

I never really connected "Haibane Renmei" to "Hard-Boiled Wonderland and the End of the World" but now that you mention it, the similarities are so striking. The enclosed city, the outsider lost in the 'no questions answered ever' plot, the vague feelings of past memories, the strange rituals that nobody finds strange.

I wish the new anime Yoshitoshi ABe was planning, Despera [0], would come out soon but that doesn't seem like the case.

[0] https://en.wikipedia.org/wiki/Despera

SEL gets more than enough recognition and discussion. It is one of the top rated anime series of all time and in fact it's almost trite to discuss among anime circles. Sure, it probably won't get a Hollywood adaptation (good), but it's not obscure or looked over.

It's also not really about hacking the way a "hacker" movie is.

I think Serial Experiments is a really important cultural artifact and was devilishly prescient about how the world will change as technology integrates more and more of the information we process into a coherent system.

Not to mention all the references to Apple, Unix, and NeXTSTEP. Such as the Whisper voice being used to speak the episode name and styling of the "To Be Continued" at the end of every episode.

> styling of the "To Be Continued"

Bit of a callout [0] to Be, I should think, cf. [1]. That's neither Unix nor Apple, although it's fairly close to both.

[0] http://www.wareriver.com/izzysanime/tobecontinued.jpg

[1] http://www.digibarn.com/collections/systems/bebox/Image123.j...

Well, GitS is a much larger franchise. And most of it is quite good so it deserves its praise.

But I am checking out Serial Experiments Lain right now, thanks for the recommendation! I love GitS to death and it might be my favorite anime/manga franchise but it still feels a little bit too corny every time someone gets called a Super Wizard Class Hacker

Oh I love GitS, I just think it's the only anime that gets discussed in these circles, while others go unnoticed.

Another recommendation (though completely unrelated to the discussion) is Berserk, quite possibly the best anime/manga I have seen/read, and the manga really is a must-read after you finish the anime.

SE:L was good but veeeeeery slow.

Can't wait for the sql: Ghost in the REPL

Or GitS: Stand-Alone Container?

There's already a GitS: SSD (2008)

Got me thinking about the ASCII Star Wars via telnet.

Tried the classic telnet towel.blinkenlights.nl but noticed that it doesn't allow me to connect. Anyone know if it's still available somewhere?

On IPv4, the server accepts the connection but closes it right after.

On IPv6, it works (as mentioned by others already).

`telnet towel.blinkenlights.nl 23` works just fine for me

Not for me. Maybe they have a connection limit which HN users are surpassing?

It works, it also greeted me with a "you use ipv6, you rock" message.

Doesn't work for me (outside Europe). Didn't work from US server too. Did work from UK VPS.

So maybe only works within Europe, or has some other IP/location restriction.

Works for me in Canada, but only using IPv6.

I think that was the joke. I was expecting something like that. Oooh, someone redid that for GitS? I stood there for a second processing how I just got pranked before I erupted in uproarious laughter.

I shot cola out of my nose in the middle of my office. My other coworkers were like 'Pass the link, I've never seen you laugh so hard'

Oh, that must have been taken down kind of recently. I believe I used it less than a year ago. :/

I'm not sure what I expected.

I can't wait for the Bash version of Ninja Scroll.

My thoughts exactly... Gave me a brief chuckle though.

The intro text is very impressive.

The actual “movie”, not so much

In my opinion it's much better than the live-action movie.

That's a shame. Seeing the link on HN I was expecting something epic like Star Asciimation Wars, not some silly Reddit level prank :/

Sorry about that, I was hoping someone on HN could explain more technically how this actually works.

Is it down?

  $ ssh ghost@theshell.xyz
  ssh_exchange_identification: Connection closed by remote host

Can someone tell me what it is please? I'm not connecting to some random server because it sounds suspicious.

It's a ghost. In a shell.

I'm not even being glib. That is what it is.

It was much better than _Cats_. I want to see it again and again.

Any chance of OP doing a technical write-up for this? This looks super cool

Sadly I'm not the creator of this, only the messenger. I was hoping someone on HN would be able to explain how this actually works.

The special effects are impressive!

Ghostly performance

Access denied


Better than original

For #%&$'s sake mods, why did you have to completely ruin it by editorialising the title?

The title is "GHOST IN THE SHELL | remake", please leave it as such.

edit: Thank you!

^ The title did spoil the contents for a while, it has been fixed.


nice remake!

Obligatory xkcd https://xkcd.com/686/

Nice ^^


Yes sire, very droll.

Loved the soundtrack. Can't wait for the sequel
