On Mon, Mar 27, 2006 at 07:04:44PM -0800, maxim wexler wrote > Okay, I'll try it. Can you give me some hints on how > to edit the config file keeping in mind it's only for > a crossover LAN and security is _not_ and issue? It's > to spare me the ordeal of downloading to one machine > and then having to burn to a CD just so I can put it > on another machine 5 feet away.
Step 1 is to make sure that you can traceroute or ping from one machine to the other. Once you know that you're connected, you can "emerge openssh". You can run with /etc/ssh/sshd_config left at default values. But you'll want to make a few changes after that. The reasons for using keys rather than passwords are security and convenience. A 1024-bit key is a helluva lot harder to break than brute-forcing userID password combos. And you won't have to enter your password each time you connect to the host. This allows you to use scp in scripts and even in cron jobs. Make sure that sshd is running on the target machine. "/etc/init.d/sshd start" starts it. Put it into default with etc-update to have it come up at bootup. Some notes... - 1st time you try to connect to a host you'll be asked to confirm. If you say yes, the host will be listed in ~/.ssh/known_hosts. If that host ever changes IP address, ssh will scream blue murder when you try to connect to it. - to start a telnet-like SecureSHell (hence the name "ssh") session you connect like one of the following example lines... ssh [EMAIL PROTECTED] ssh [EMAIL PROTECTED] - to copy file(s) from target machine to you... scp [EMAIL PROTECTED]:filename . scp [EMAIL PROTECTED]:photos/*.jpeg myphotos/ - to copy entire directory from target machine to you... scp -r [EMAIL PROTECTED]:photos . scp -r [EMAIL PROTECTED]:photos myphotos/ - to copy from your machine to the target machine, the examples look like so... scp [EMAIL PROTECTED]:filename . scp [EMAIL PROTECTED]:photos/*.jpeg myphotos/ scp -r photos [EMAIL PROTECTED]:. scp -r myphotos [EMAIL PROTECTED]:photos/ -- Walter Dnes <[EMAIL PROTECTED]> In linux /sbin/init is Job #1 My musings on technology and security at http://tech_sec.blog.ca -- gentoo-user@gentoo.org mailing list