Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Remote Shell

  • From: Chris Cappuccio
  • Date: Tue Sep 29 00:22:06 1998

On Mon, 28 Sep 1998, Zachary McGibbon wrote:

 | You can perform 'rsh' type commands with ssh as well... here's an example:
 | 
 | /# ssh servername w
 | root@servername's password: <type password here>
 |  10:45pm  up 19 days,  6:31,  2 users,  load average: 0.18, 0.11, 0.09
 | USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU  WHAT
 | root     ttyp0    client            8:08pm  2:37m  0.27s  0.10s
 | 
 | You can also setup authorized keys on the server side.  In your home dir
 | on the server, go into the '.ssh' dir, and create a file called
 | 'authorized_keys', then on your workstation, type 'ssh-keygen'.  In your
 | home dir, go into '.ssh' and take the contents of 'identity.pub' and copy
 | that to the 'authorized_keys' on the server side.  Then 'chmod 600
 | authorized_keys' on the server side.  Then it won't ask you for a password
 | when you ssh to that machine.  It's usefull if you want to set this up as
 | a cronjob to do something on a remote machine.
 | 
 | 

You might want to make sure "RhostsRSAauth..." is turned on with sshd and
create a file called .shosts in your home dir with 

dqc.org chris

(host, user)

Of course this depends on the security of the client machine..If someone
compromises the client identity file (root or the client account basically..)
and then can fake for .shosts, your security is compromised.  Without
RhostsRSA, and just doing what Zach listed above, it will ask for the key's
password...

 | On Mon, 28 Sep 1998, Roeland M.J. Meyer wrote:
 | 
 | > Set up SSH <http://www.datafellows.com> and open port 22. I would NOT allow
 | > plain ol' telnet over the Internet. SSH is free for non-commercial use and
 | > is works quite well under HP-UX.
 | > 
 | > 
 | > 
 | > At 01:32 PM 9/28/98 -0500, you wrote:
 | > >I need to give remote shell access to a user in a server (an HP-9000 k410
 | > >running HP-UX 10.10) conected to mine through a 3Com router, I have done
 | > >some investigation and what I have found is that I have to open port  514
 | > >for tcp, for some reason this did not work, so I opened (temporarily of
 | > >course) all the ports on the router....and it worked, but  I donīt want to
 | > >leave it like that, Does anyone now what port(s)  I need to leave open to
 | > >alow the remote shells?.
 | > >
 | > >Is there any configuration needed other than the equiv.hosts and (or) the
 | > >.rhosts files ?
 | > >
 | > >Thanks in advance for your answers
 | > >
 | > >Benicio Sanchez
 | > >Network Operations Engineer
 | > >Alestra
 | > >
 | > 

---
"Microsoft is to quality software what McDonalds is to gourmet cooking"





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.