I do this to manage my remote voice networks. I have a server setup (running Mandrake with msec in paranoid mode) that allows me SSH in as user (not as root) but only using keys - no passwords. From there I can jump around internally and do what needs to be done.
I also run a script called DenyHosts on the box. this looks at any IP address trying to gain ssh access and then firewalls away that IP on the third strike. Since I'm using Keys to login there isn't much chance that I will accidentally setup the script and lock out my IP. Jon On Mon, 2006-01-30 at 20:49, Greg Brown wrote: > All: > > After screwing up my outer banks server for the last time I have elected to > go with a read-only ssh gateway of sorts for my remote network. I have a > three port x86 compatible device with a CF reader that I can use for this > project. I have searched a bit for various distributions and have turned up > a few but I wanted to ping the list to see what was you used. My > requirements are: > > 1. read only > 2. ssh server > 3. squid would be nice, but not required > 4. nmap > > That's about it. This device will have two interfaces and one will be the > interface the firewall forwards ssh requests to. Once I'm logged in I can > hop around to the other APs or ssh devices as needed. > > Suggestions? > > Greg -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
