Ok, did I just miss it or something? I was looking for HARDENSUSE on my CD-ROMs for 7.1 but don't see it there. Any help, folks? TIA, Geordon
At 02:39 PM 14/04/2001, you wrote:
Ok, did I just miss it or something? I was looking for HARDENSUSE on my CD-ROMs for 7.1 but don't see it there.
It is most definately on my SuSE 7.1 DVD/CD Set It is in the Security section as per usual. Cheers --- Nix - nix@susesecurity.com http://www.susesecurity.com
I'm tellin' ya, it's not on my disks. I looked in SEC1 and SEC2 on the CDs (I don't have a DVD-ROM drive), and it's not there. The "version" of my CDs is 2001012917. DOes that help any? If I do: zgrep harden /cdrom/INDEX.gz I get a big, fat "nothing" as a result. Any other ideas? ----- Original Message ----- From: "Nix" <suse@nix.hispeed.com> To: <suse-security@suse.com> Sent: Saturday, April 14, 2001 12:21 AM Subject: Re: [suse-security] HArdenSuSE for 7.1???
At 02:39 PM 14/04/2001, you wrote:
Ok, did I just miss it or something? I was looking for HARDENSUSE on my CD-ROMs for 7.1 but don't see it there.
It is most definately on my SuSE 7.1 DVD/CD Set It is in the Security section as per usual.
Cheers
--- Nix - nix@susesecurity.com http://www.susesecurity.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-securi From suse-security-return-6649-gvantass=thecoventree.com@lists.suse.com Sat Apr 14 00:47:23 2001 Return-Path: <suse-security-return-6649-gvantass=thecoventree.com@lists.suse.com> Delivered-To: gvantass@localhost.thecoventree.com Received: from localhost (localhost [127.0.0.1]) by castle.thecoventree.com (Postfix on SuSE Linux 7.1 (i386)) with ESMTP id CDD27366 for <gvantass@localhost>; Sat, 14 Apr 2001 00:47:22 -0500 (CDT) Received: from pop3.thecoventree.com by localhost with POP3 (fetchmail-5.6.0) for gvantass@localhost (single-drop); Sat, 14 Apr 2001 00:47:23 -0500 (CDT) Received: from lists.suse.com (host1.SuSE.com [202.58.118.3]) by invincible.cnchost.com id BAA11663; Sat, 14 Apr 2001 01:45:35 -0400 (EDT) [ConcentricHost SMTP MX 1.21] Errors-To: <suse-security-return-6649-gvantass=thecoventree.com@lists.suse.com> Received: (qmail 812 invoked by alias); 14 Apr 2001 05:45:22 -0000 Mailing-List: contact suse-security-help@suse.com; run by ezmlm Precedence: bulk X-No-Archive: yes list-help: <mailto:suse-security-help@lists.suse.com> list-unsubscribe: <mailto:suse-security-unsubscribe@lists.suse.com> list-post: <mailto:suse-security@suse.com> X-Mailinglist: suse-security Delivered-To: mailing list suse-security@lists.suse.com Received: (qmail 805 invoked from network); 14 Apr 2001 05:45:22 -0000 Date: Sat, 14 Apr 2001 07:43:41 +0200 (CEST) From: =?ISO-8859-15?Q?Peter_M=FCnster?= <peter@univ-rennes1.fr> To: Ashley <ashleyg@dnai.com> Cc: <suse-security@suse.com> In-Reply-To: <20010413084725.A5270@rose.ashnet> Message-ID: <Pine.LNX.4.30.0104140740560.8407-100000@gmv.spm.univ-rennes1.fr> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-15 Content-Transfer-Encoding: 8BIT Subject: Re: [suse-security] ssh-agent X-UIDL: 20064
On Fri, 13 Apr 2001, Ashley wrote:
I run ssh-agent and get:
ashley@myhost:~ > ssh-agent SSH_AUTH_SOCK=/tmp/ssh-XXap8e9I/agent.27104; export SSH_AUTH_SOCK; SSH_AGENT_PID=27105; export SSH_AGENT_PID; echo Agent pid 27105;
Hello Ashley, I don't know about ssh-agent, but perhaps "eval `ssh-agent`" is, what you want. Cheers, Peter
-- Peter Münster http://notrix.net/pm-vcard
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Another update: As seen on Marc's page (http://www.suse.de/~marc/SuSE.html): Harden SuSE v3.2 (http://www.suse.de/~marc/harden_suse-3.2.tar.gz)- 7th April 2001 (Hardening script for SuSE to run after installing, creates also an undo script) Description (http://www.suse.de/~marc/harden_suse.html), on SuSE since v6.1, works only on SuSE If we look into the sourcecode of hardensuse we will see this: # # # Harden SuSE Linux 6.0 - 7.1, Perl Script by Marc Heuse <marc@suse.de> # ^^^^^there we got it !! It *DOES* support SuSE Linux 7.1 :-)))) Bye, Gunther
ATTENTION: there seems to be a possible bug (or did i misconfigure harden_suse)?? After running harden_suse no remote login to my machine was possible. The fault can be found in /etc/hosts.deny cat /etc/hosts.deny # # This config file was changed by the harden_suse script to enforce a # strict security on your system. # This configuration was changed on the Sat Apr 14 13:36:26 CEST 2001. # harden_suse v3.2 (07-April-2001) by Marc Heuse <marc@suse.de> # # Think twice before changing an option. # # See tcpd(8) and hosts_access(5) for a description. http-rman : ALL EXCEPT LOCAL ALL: ALL EXCEPT localhost ^^^^^^ *UNCOMMENT* this entry, otherwise it won't be possible to log in using ssh or telnet Bye, Gunther btw: sorry, that I didn't provide my real name before - it is Gunther Stammwitz -----Ursprungliche Nachricht----- Von: gstammw [mailto:gstammw@gmx.net] Gesendet: Samstag, 14. April 2001 13:39 An: suse-security@suse.com Betreff: AW: [suse-security] HArdenSuSE for 7.1??? Wichtigkeit: Hoch Another update: As seen on Marc's page (http://www.suse.de/~marc/SuSE.html): Harden SuSE v3.2 (http://www.suse.de/~marc/harden_suse-3.2.tar.gz)- 7th April 2001 (Hardening script for SuSE to run after installing, creates also an undo script) Description (http://www.suse.de/~marc/harden_suse.html), on SuSE since v6.1, works only on SuSE If we look into the sourcecode of hardensuse we will see this: # # # Harden SuSE Linux 6.0 - 7.1, Perl Script by Marc Heuse <marc@suse.de> # ^^^^^there we got it !! It *DOES* support SuSE Linux 7.1 :-)))) Bye, Gunther --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
At 09:55 PM 14/04/2001, you wrote:
ATTENTION: there seems to be a possible bug (or did i misconfigure harden_suse)??
After running harden_suse no remote login to my machine was possible. The fault can be found in /etc/hosts.deny
cat /etc/hosts.deny # # This config file was changed by the harden_suse script to enforce a # strict security on your system. # This configuration was changed on the Sat Apr 14 13:36:26 CEST 2001. # harden_suse v3.2 (07-April-2001) by Marc Heuse <marc@suse.de> # # Think twice before changing an option. # # See tcpd(8) and hosts_access(5) for a description.
http-rman : ALL EXCEPT LOCAL
ALL: ALL EXCEPT localhost ^^^^^^ *UNCOMMENT* this entry, otherwise it won't be possible to log in using ssh or telnet
http://www.susesecurity.com/faq/index.html#sshd_cant_connect Cheers --- Nix - nix@susesecurity.com http://www.susesecurity.com
Hello, I'm sorry but you are wrong. It is NOT on the CDs. As sdb.suse.de says harden_suse wasn't ready when suse started shipping the 7.1 version. The german text below also says, that hardsen_suse (that's the correct name, yes...) should be available for download very soon. My question is: *WHEN* will it be available ? harden_suse: harden_suse ist leider nicht rechtzeitig zu SuSE Linux 7.1 fertig geworden. Die vorherige Version ist au?erdem inkompatibel zur aktuellen Version. Wir werden jedoch in Kurze ein Update von harden_suse zum Download anbieten. -----Ursprungliche Nachricht----- Von: Nix [mailto:suse@nix.hispeed.com] Gesendet: Samstag, 14. April 2001 07:21 An: suse-security@suse.com Betreff: Re: [suse-security] HArdenSuSE for 7.1??? At 02:39 PM 14/04/2001, you wrote:
Ok, did I just miss it or something? I was looking for HARDENSUSE on my CD-ROMs for 7.1 but don't see it there.
It is most definately on my SuSE 7.1 DVD/CD Set It is in the Security section as per usual. Cheers --- Nix - nix@susesecurity.com http://www.susesecurity.com --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hello,
I'm sorry but you are wrong. It is NOT on the CDs.
As sdb.suse.de says harden_suse wasn't ready when suse started shipping
7.1 version. The german text below also says, that hardsen_suse (that's
Thanks! I'm glad to know that it wasn't just my blindness and enforced use of MS products that were causing a melt-down in my finding the script. Also, thanks for the pointer to Marc's site. I have happily run HArden_SuSE and pleased with the result. Thanks ^1M ----- Original Message ----- From: "gstammw" <gstammw@gmx.net> To: <suse-security@suse.com> Sent: Saturday, April 14, 2001 6:38 AM Subject: AW: [suse-security] HArdenSuSE for 7.1??? the the
correct name, yes...) should be available for download very soon. My question is: *WHEN* will it be available ?
harden_suse: harden_suse ist leider nicht rechtzeitig zu SuSE Linux 7.1 fertig geworden. Die vorherige Version ist au?erdem inkompatibel zur aktuellen Version. Wir werden jedoch in Kurze ein Update von harden_suse zum Download anbieten.
-----Ursprungliche Nachricht----- Von: Nix [mailto:suse@nix.hispeed.com] Gesendet: Samstag, 14. April 2001 07:21 An: suse-security@suse.com Betreff: Re: [suse-security] HArdenSuSE for 7.1???
At 02:39 PM 14/04/2001, you wrote:
Ok, did I just miss it or something? I was looking for HARDENSUSE on my CD-ROMs for 7.1 but don't see it there.
It is most definately on my SuSE 7.1 DVD/CD Set It is in the Security section as per usual.
Cheers
--- Nix - nix@susesecurity.com http://www.susesecurity.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (5)
-
Geordon VanTassle -
gstammw -
Gunther Stammwitz
-
Nix -
semat