on Thu, Jun 09, 2005 at 08:02:06PM -0400, Robert Brockway ([EMAIL PROTECTED])
wrote:
> On Thu, 9 Jun 2005, Roberto C. Sanchez wrote:
>
> > Sadly, most people (myself included) have no passphrase on their SSH
>
> Hi. Using PKI with no passphrase drops the level of security
> significantly (as I
Jon Dowland wrote:
Hi - you appear to have the wrong date set on your computer. Your post
claims to be from 07/08/05 (which to me reads '7th of august 2005',
but could be interpreted as '8th july 2005, too). As you're using
gmail, I'm not sure how that's happened?
The wrong date is becouse m
Hi - you appear to have the wrong date set on your computer. Your post
claims to be from 07/08/05 (which to me reads '7th of august 2005', but
could be interpreted as '8th july 2005, too). As you're using gmail, I'm
not sure how that's happened?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
On Fri, 17 Jun 2005, Mitja Podreka wrote:
> I have ADSL connection without fixed IP, can I then set some kind of IP net
> mask to restrict access from other IP?
Yes you can. SSh can do this itself (if compiled against TCP Wrappers),
or better you can get a firewall to do it.
It is generally ac
- Original Message -
From: Mitja Podreka
To: debian-user@lists.debian.org
Sent: Friday, June 17, 2005 10:05 AM
Subject: Re: Remote administration of a server
Steve Garcia wrote:
You're pretty much correct -- the only really big problem is if
something gets so wedged that you h
Steve Garcia wrote:
You're pretty much correct -- the only really big problem is if
something gets so wedged that you have to hit the reset button. If
there is someone you can call to ask them to hit the button for you, you
can handle everything else remotely with no trouble.
I will have peopl
Robert Brockway <[EMAIL PROTECTED]>:
> On Sat, 11 Jun 2005, s. keeling wrote:
>
> > And if anyone can get at your console, they can CTRL-ALT-Backspace to
> > get to a logged in shell prompt. They may not still have your ssh-add
>
> No they can't. A session managed by a display manager does no
On Sat, 11 Jun 2005, s. keeling wrote:
> And if anyone can get at your console, they can CTRL-ALT-Backspace to
> get to a logged in shell prompt. They may not still have your ssh-add
No they can't. A session managed by a display manager does not fall back
to a shell. If you C-A-Backspace from
Robert Brockway <[EMAIL PROTECTED]>:
> On Thu, 9 Jun 2005, Roberto C. Sanchez wrote:
>
> > thing is a pain in the but. At least on the Linux machines it is
> > straightforward and I set those up when I can to use keys instead of
> > passwords.
>
> May I introduce you to ssh-agent and ssh-add.
On Thu, Jun 09, 2005 at 08:02:06PM -0400, Robert Brockway wrote:
> On Thu, 9 Jun 2005, Roberto C. Sanchez wrote:
>
> > Sadly, most people (myself included) have no passphrase on their SSH
>
> Hi. Using PKI with no passphrase drops the level of security
> significantly (as I'm sure you know).
>
On Thu, 9 Jun 2005, Roberto C. Sanchez wrote:
> Sadly, most people (myself included) have no passphrase on their SSH
Hi. Using PKI with no passphrase drops the level of security
significantly (as I'm sure you know).
> keys. I also end up bouncing aroud a variety of machines (some Fedora
> som
On Thu, Jun 09, 2005 at 06:25:48PM -0400, Robert Brockway wrote:
> On Thu, 9 Jun 2005, Marty wrote:
>
> PKI makes things much more difficult. An attacker would need both your
> private key and your passphrase to gain entry. Brute forcing an ssh
> daemon that only accepts PKI access is an intra
On Thu, 9 Jun 2005, Marty wrote:
> Regarding PKI, are there any Debian or non-Debian packages you recommend
Hi Marty. The ssh related packages in Debian contain everything you need.
> for this use? Can you elaborate on your reasoning here, for a
> non-expert in security, or at least point to
Robert Brockway wrote:
The key is that the console server should be no less secure than the
servers who's consoles it has. This is because if someone takes control
of the console server it is only a matter of time before they gain access
to the other boxes. Usually this isn't a big deal as a
On Wed, 8 Jun 2005, Mitja Podreka wrote:
> Can this 2nd box be my laptop or it must be something else?
It can be a laptop or anything else. Basically you aim to have Linux (or
another Unix) running on the laptop so you can ssh into this box and gain
access to the serial console of your server
If you're confortable with the command line (or prepared to become so)
this is pretty easy.
not yet comfortable, but I'm trying to be
You may need the console from time to time. The best option if you can
manage it is to setup a serial console. The down side is this requires a
2nd box cont
On Sun, 7 Aug 2005, Mitja Podreka wrote:
> I will have (I hope :-) no problems setting up the server, I've done that
> already. What I worry about is how to administer the server from China? Will I
> only lack the access to the reset button, or something more? Which software
> should I use for thi
17 matches
Mail list logo
