jam wrote: > On Friday 17 October 2008 01:47:37 [EMAIL PROTECTED] > wrote: >>>>> Personally I don't see the benefit to have an additional SSH server >>>>> by default running... if your network isn't firewalled, you've got a >>>>> lot more to worry about than an open SSH port. It's common network >>>>> administration practice to have a firewall in place - and who gives >>>>> their LTSP server a public IP address, anyway? >>>> My ltsp server is firewalled _and_ I need to access it via ssh on the >>>> internet. Therefore it makes perfect sense to have a daemon on a >>>> firewalled port taking connections from the tc, and a second daemon on >>>> a NATed port accepting connections from whitelisted administrators >>> I've resisted adding my $.02 three times in this digest, finally succomed >>> :-) >>> >>> Security through complexity is dumb and ends up biting you: >>> >>> My server is on a 192.168. From the WORLD it is only available via a non >>> standard port, internally 22 and ltsp is bog standard. >>> >>> Port forwarding done by a Dlink 604T, cost 1 hour labour. >> Me too--server runs single sshd on port 22, router forwards nonstandard >> port to port 22 on server. > > As previous digest-mail said ssh on 2 ports is trivial
After having done it on 3 different machines, I'm pretty comfortable with it now but I still wouldn't call it trivial. Regardless, I had to do some research and made some mistakes before I got it right the first time. Since then, I've seen at least 3 others on this list ask how to do it. This indicates to me that there is a need for this. -Rob ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
