nanog mailing list archives
Re: Remote Shell
From: "Adam D. McKenna" <adam () flounder net>
Date: Tue, 29 Sep 1998 01:16:18 -0400
This will work if you have no passphrase on your RSA key. This is a *really* stupid thing to do, IMHO, especially to a root account, as anyone who manages to get access to your ~/.ssh/identity file will be able to log into any host that you have set this up on, without a password. While it's a little more secure than .rhosts authentication, the absence of any kind of password/passphrase validation makes it (again IMHO) an undesirable option for the security conscious. --Adam -----Original Message----- From: Zachary McGibbon <mzac () uunet ca> To: Roeland M.J. Meyer <rmeyer () mhsc com> Cc: Benicio Miguel Sanchez Fuentes <bsanchez () alestra com mx>; NorthAm Net Ops Grp List <nanog () merit edu> Date: Tuesday, September 29, 1998 1:42 AM Subject: Re: Remote Shell You can perform 'rsh' type commands with ssh as well... here's an example: /# ssh servername w root@servername's password: <type password here> 10:45pm up 19 days, 6:31, 2 users, load average: 0.18, 0.11, 0.09 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root ttyp0 client 8:08pm 2:37m 0.27s 0.10s You can also setup authorized keys on the server side. In your home dir on the server, go into the '.ssh' dir, and create a file called 'authorized_keys', then on your workstation, type 'ssh-keygen'. In your home dir, go into '.ssh' and take the contents of 'identity.pub' and copy that to the 'authorized_keys' on the server side. Then 'chmod 600 authorized_keys' on the server side. Then it won't ask you for a password when you ssh to that machine. It's usefull if you want to set this up as a cronjob to do something on a remote machine. On Mon, 28 Sep 1998, Roeland M.J. Meyer wrote:
Set up SSH <http://www.datafellows.com> and open port 22. I would NOT allow plain ol' telnet over the Internet. SSH is free for non-commercial use and is works quite well under HP-UX. At 01:32 PM 9/28/98 -0500, you wrote:I need to give remote shell access to a user in a server (an HP-9000 k410 running HP-UX 10.10) conected to mine through a 3Com router, I have done some investigation and what I have found is that I have to open port 514 for tcp, for some reason this did not work, so I opened (temporarily of course) all the ports on the router....and it worked, but I donĀ“t want to leave it like that, Does anyone now what port(s) I need to leave open to alow the remote shells?. Is there any configuration needed other than the equiv.hosts and (or) the .rhosts files ? Thanks in advance for your answers Benicio Sanchez Network Operations Engineer Alestra_________________________________________________ Morgan Hill Software Company, Inc. Colorado Springs, CO - Livermore, CA - Morgan Hill, CA Domain Administrator MHSC2-DOM and MHSC3-DOM Administrative and Technical contact ____________________________________________ InterNIC Id: MHSC hostmaster (HM239-ORG) e-mail: <mailto:hostmaster () mhsc com>mailto:hostmaster () mhsc com web -pages: <http://www.mhsc.com/>http://www.mhsc.com/ ____________________________________________ A group of politicians deciding to dump a President because his morals are bad is like the Mafia getting together to bump off the Godfather for not going to church on Sunday. -- Russell Baker
Zachary McGibbon mzac () uunet ca
Current thread:
- Remote Shell Benicio Miguel Sanchez Fuentes (Sep 28)
- Re: Remote Shell Roeland M.J. Meyer (Sep 28)
- Re: Remote Shell Zachary McGibbon (Sep 28)
- Re: Remote Shell Chris Cappuccio (Sep 28)
- Re: Remote Shell Zachary McGibbon (Sep 28)
- <Possible follow-ups>
- Re: Remote Shell Sudeep_Khuraijam (Sep 28)
- Re: Remote Shell Adam D. McKenna (Sep 28)
- Re: Remote Shell Roeland M.J. Meyer (Sep 29)
- Re: Remote Shell Ingo Luetkebohle (Sep 29)
- Re: Remote Shell Roeland M.J. Meyer (Sep 28)