Hi Dieter, don`t know if i already answered, but this is still in my Inbox. Dieter Kirchner schrieb:
Hi,
Yes, if you need to update ssh remotly. sshd got a lot of security
ouch, don`t tell such things in this list. Might be read by a newbee.
Again, there is _no_ need to enable telnet just for an sshd update.
I needed this setup once while adjusting sshd pam config. I agree that for a normal update there is no need for telnetd, but messing around with login software on a remote root server can be tricky. It's nice to have a plan B, and IMHO the risk enabling telnetd for some minutes is acceptable. The passwords should be changed after using telnet, of course.
Your newbees will prefer to call the provider if somethings going wrong (and pay for that service) :-)
no, "my" newbees, especially those visiting my Network Courses, and often also those visiting my Administration Courses prefer to use their already running SSH-Shell to reconfigure the new SSH-Server and try again. (Remember i mentioned man sshd, man kill.) And yes, there is a little risk of Power failure when having a non working ssh-Configuration. You can get around this, by preparing telnetd for starting after a reboot. But what if the unplaned Shutdown corrupts the File System ;-(( (Don`t forget to sync after every Command and to disable telnet afer configuring Session. SCNR) But anyway, i don`t think "my" newbees will be paying for a misconfiguration due to a Power Failure (at/by ??) the Provider. Greetings Dirk
Ciao, Dieter
TRIA IT-consulting GmbH Joseph-Wild-Stra?e 20 81829 Munchen Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de -------------------------------------------------------- working hard | for your success -------------------------------------------------------- Registergericht Munchen HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschaftsfuhrer: Richard Hofbauer Rosa Igl -------------------------------------------------------- Nachricht von: dirk.schreiner@tria.de Nachricht an: suse-security@suse.com # Dateianhange: 0 Die Mitteilung dieser E-Mail ist vertraulich und nur fur den oben genannten Empfanger bestimmt. Wenn Sie nicht der vorgesehene Empfanger dieser E-Mail oder mit der Aushandigung an ihn betraut sind, weisen wir darauf hin, da? jede Form der Kenntnisnahme, Veroffentlichung, Vervielfaltigung sowie Weitergabe des Inhalts untersagt ist. Wir bitten Sie uns in diesem Fall umgehend zu unterrichten. Vielen Dank The information contained in this E-Mail is privileged and confidental intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient or competent to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this E-Mail is strictly prohibited. If you have received this E-Mail in error, please notify us immediately. Thank you