Re: Remote Shell

["Adam D. McKenna" <adam () flounder net>]

This will work if you have no passphrase on your RSA key.  This is a *really*
stupid thing to do, IMHO, especially to a root account, as anyone who manages
to get access to your ~/.ssh/identity file will be able to log into any host
that you have set this up on, without a password.  While it's a little more
secure than .rhosts authentication, the absence of any kind of
password/passphrase validation makes it (again IMHO) an undesirable option for
the security conscious.

--Adam
-----Original Message-----
From: Zachary McGibbon <mzac () uunet ca>
To: Roeland M.J. Meyer <rmeyer () mhsc com>
Cc: Benicio Miguel Sanchez Fuentes <bsanchez () alestra com mx>; NorthAm Net Ops
Grp List <nanog () merit edu>
Date: Tuesday, September 29, 1998 1:42 AM
Subject: Re: Remote Shell


You can perform 'rsh' type commands with ssh as well... here's an example:

/# ssh servername w
root@servername's password: <type password here>
10:45pm  up 19 days,  6:31,  2 users,  load average: 0.18, 0.11, 0.09
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU  WHAT
root     ttyp0    client            8:08pm  2:37m  0.27s  0.10s

You can also setup authorized keys on the server side.  In your home dir
on the server, go into the '.ssh' dir, and create a file called
'authorized_keys', then on your workstation, type 'ssh-keygen'.  In your
home dir, go into '.ssh' and take the contents of 'identity.pub' and copy
that to the 'authorized_keys' on the server side.  Then 'chmod 600
authorized_keys' on the server side.  Then it won't ask you for a password
when you ssh to that machine.  It's usefull if you want to set this up as
a cronjob to do something on a remote machine.


On Mon, 28 Sep 1998, Roeland M.J. Meyer wrote:

> Set up SSH <http://www.datafellows.com> and open port 22. I would NOT allow
> plain ol' telnet over the Internet. SSH is free for non-commercial use and
> is works quite well under HP-UX.
>
>
>
> At 01:32 PM 9/28/98 -0500, you wrote:
> > I need to give remote shell access to a user in a server (an HP-9000 k410
> > running HP-UX 10.10) conected to mine through a 3Com router, I have done
> > some investigation and what I have found is that I have to open port  514
> > for tcp, for some reason this did not work, so I opened (temporarily of
> > course) all the ports on the router....and it worked, but  I don´t want to
> > leave it like that, Does anyone now what port(s)  I need to leave open to
> > alow the remote shells?.
> >
> > Is there any configuration needed other than the equiv.hosts and (or) the
> > .rhosts files ?
> >
> > Thanks in advance for your answers
> >
> > Benicio Sanchez
> > Network Operations Engineer
> > Alestra
>
> _________________________________________________
> Morgan Hill Software Company, Inc.
> Colorado Springs, CO - Livermore, CA - Morgan Hill,
> CA
> Domain Administrator
> MHSC2-DOM and MHSC3-DOM
> Administrative and Technical contact
> ____________________________________________
> InterNIC Id: MHSC hostmaster (HM239-ORG)
> e-mail: <mailto:hostmaster () mhsc com>mailto:hostmaster () mhsc com
> web -pages: <http://www.mhsc.com/>http://www.mhsc.com/
> ____________________________________________
> A group of politicians deciding to dump a President because his morals
> are bad is like the Mafia getting together to bump off the Godfather for
> not going to church on Sunday.
>                 -- Russell Baker


Zachary McGibbon
mzac () uunet ca