On Wed, Oct 06, 1999 at 04:06:41AM +0000, Stephen Carville wrote:
|
| I use telnet on the private side of my home LAN but ssh in the
| Internet side. I do not have all the security details correct yet. I
| have installed ssh2 on my Firewall/NAT server (my employer is using
| ssh2 for UNIX remote access) and I just have to figure out how to lock
| the machine down so the Internet side is super secure but the intranet
| side is more lax
I assume you are alraedy aware of this, but just in case: there are
nice examples for setting up your security config in the linux
IPCHAINS HOWTO (I figure you are using ipchains in your firewall). In
my case the "firewall" is also my primary workstation at home, so I've
opted to have as few services running on it as possible (no inted, no
telnetd, ...)
At some point my employer upgraded from ssh1 to ssh2, mainly because
it provides sftp; however (after many complaints from users re: slow
connections), the sysadmin has decided to go back to ssh1. And as for
sftp: it would have been nice if it were a drop-in replacement for
ftp, but it's not. For instance, you can't use it as a replacement for
ftp in emacs' ange-ftp.
In any case - 'nuff said. there are not Mandrake issues after all ;)
Later,
-- Alex
