Controll
Lars Kellogg-Stedman
lars at larsshack.org
Tue Feb 29 07:12:35 EST 2000
> samba server, which is a box on the floor, plugged into the network,
> to answer telnet only to my desktop box.
> [...]
> Are there other ways to do the admin? I don't
> need X, just command line stuff. For instance, serial connections or
> something similar?
A serial connection will certainly work -- I've got an old VT220 terminal
attached to my gateway box. However, I use it only in emergencies (i.e.,
if the network has died, or I've horked the system with an improperly
configured kernel).
My personal preference is to use ssh (the secure shell program), which lets
one connect to a remote host using an encrypted channel so that one's
password can't be sniffed over the wire.
This means I can access my gateway box (and my internal network) remotely
without worrying about nasties in the intervening networks.
ssh has several other features that make it a good choice for remote access
in general:
(1) ssh takes care of X11 forwarding automatically (and securely).
X connections are forwarded over your secure connection, so
(a) you don't have to set anything up manually, and (b) noone
is going to be able to sniff your X session.
(2) ssh can be used to provide generic port-forwarding services; that is,
you can set it up so that (for instance) connection to port 143 on
your gateway box will actually connection you to an IMAP server at
work -- at the same time encrypting all your traffic between the
gateway box and some other system at work.
(3) ssh has flexible authentication options. Besides using passwords,
you can also use a public/private key mechanism that can be
especially convenient if you're making lots of connections and are
tired of having to type your password everytime. Using the RSA
method, you can authenticate once to your local ssh software and then
connection to properly configured systems without having to
re-authenticate.
There are ssh rpms for RedHat available from ftp.zedz.net. You may also
want to check out OpenSSH, based on code from the OpenBSD folks, at
http://violet.ibs.com.au/openssh/
-- Lars
--
Lars Kellogg-Stedman <lars at larsshack.org> --> http://www.larsshack.org/
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list