OverTheWire: Bandit Level 18 to Level 19


Level goal: The password for the next level is stored in a file readme in the home directory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.

In this level, we need to connect using the ssh -t. The -t parameter basically opens a pseudo-tty within the session, with output in the same screen. The ssh session closes when the command completes. This way, you can quickly run a command before the connectivity closes and kicks you out with a “Byebye!”.

[email protected]:~$ ssh -t [email protected] cat readme
 The authenticity of host 'localhost (' can't be established.
 ECDSA key fingerprint is 05:3a:1c:25:35:0a:ed:2f:cd:87:1c:f6:fe:69:e4:f6.
 {... REMOVED ...}
 Permissions 0640 for '/home/bandit17/.ssh/id_rsa' are too open.
 It is required that your private key files are NOT accessible by others.
 This private key will be ignored.
 bad permissions: ignore key: /home/bandit17/.ssh/id_rsa
 [email protected]'s password:
 Connection to localhost closed.

Next, we run the same commands to check what is in the “readme” file.

[email protected]'s password:
Connection to localhost closed.

The password to gain access to the next level is IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x.


  • Pingback: OverTheWire: Bandit Write-up | My Learning Journey

  • Occupy 4 Elephants

    November 30, 2017

    ok so like this isn’t right at all

    • Wen Bin

      December 1, 2017

      What isn’t right? Let me know 🙂

  • Moonlight Kim

    July 23, 2018

    I am also interested in computer security. I want to know whether overthewire teaches linux command or real hacking? And do you recommend using it as a beginner and for how long? What are steps do I need to take if I want to be skilled in web app security? Do you recommend any CTFs or wargames website related to web app for beginner like me? Please excuse me if my questions are too much or if there is any inappropriate things mentioned. I hope you will be glad to share your idea to me. Thanks

    • kongwenbin

      August 6, 2018

      Hi Moonlight, thanks for the questions. OverTheWire: Bandit is essentially a CTF which provide you with short challenges as you progress through the stages and capture the flag. Note that CTFs usually won’t spoonfeed you with answers, but their questions would often provide you with some learning along the way as you look up different ways to solve them. In my opinion, the Bandit series is pretty good for a beginner as it helped me learn many new things when I was solving them back then. 🙂


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.