m0gely wrote:
> If you're using an up-to-date sshd, and employ good password practices,
> what's the point of doing all this? Honest question.

As the OP, here's the background story.

At work we manage several thousand switches and routers.
We're replacing our management platform with a new one.
There is an internal requirement to NEVER use clear text protocols.
So to put a new IOS image on a Cisco device we use SCP.

The new management app has two features:
- it has the Cisco devices pull configs, images, everything
- its default port for serving these resources is 8022

Complicating factors:
- The Cisco devices cannot be configured to SCP to a different port than 22[1]
- We do normal management via ssh - aka port 22
- In order to not confuse the bejesus out of all the groups that currently ssh
  to boxes we are loath to move SSH to a non-standard port.

Therefore:
We want to have the incoming port 22 connection from switches and routers (we
know the IPs involved) redirected to port 8022 to connect with the management
app software.

[1] If you know otherwise and how, please share.
--
Michael Rasmussen
http://www.jamhome.us/
Be Appropriate && Follow Your Curiosity
_______________________________________________
PLUG mailing list
http://lists.pdxlinux.org/mailman/listinfo/plug
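
The redirect described in the post, sketched as an added example that is not part of the original message: it assumes the management app runs on a Linux host using iptables, and the device addresses (RFC 5737 documentation ranges) and the /16 breadth limit are constructed for illustration. The script only prints the commands, and it skips malformed or overly broad sources so that a bad list entry cannot divert everyone's port 22 sessions away from sshd.

```shell
#!/bin/sh
# Added example: print (never apply) iptables commands that send SSH/SCP
# from known network devices to the management app's port.
SSH_PORT=22
APP_PORT=8022   # the management app's default port, per the post
MIN_PREFIX=16   # assumption: refuse any source broader than a /16

# valid_cidr ADDR[/LEN]: true only for well-formed IPv4 whose prefix
# length lies between MIN_PREFIX and 32.
valid_cidr() {
    addr=${1%/*}
    len=32
    case $1 in */*) len=${1#*/} ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    case $addr in ''|*[!0-9.]*) return 1 ;; esac
    [ "$len" -ge "$MIN_PREFIX" ] && [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules: one address or CIDR per line on stdin; rules on stdout,
# rejected entries on stderr.
gen_rules() {
    while read -r src rest; do
        case $src in ''|'#'*) continue ;; esac
        if valid_cidr "$src"; then
            # nat/PREROUTING rewrites the port before the filter table
            # sees the packet, so INPUT must accept APP_PORT, not 22.
            echo "iptables -t nat -A PREROUTING -s $src -p tcp --dport $SSH_PORT -j REDIRECT --to-ports $APP_PORT"
            echo "iptables -A INPUT -s $src -p tcp --dport $APP_PORT -j ACCEPT"
        else
            echo "skipped (malformed or too broad): $src" >&2
        fi
    done
}

# Constructed sample list (RFC 5737 documentation addresses).
sample_devices() {
    printf '%s\n' '# core switches' 192.0.2.10 198.51.100.0/24 \
        0.0.0.0/0 203.0.113.300
}

sample_devices | gen_rules
```

Sources not on the list never match the nat rule, so normal ssh management on port 22 is unchanged for them; the listed devices can no longer reach the host's own sshd on that port.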