* Michael D. Schleif (mds@helices.org) [020929 16:25]: :: ::I am very frustrated. An associate installed SuSE on a server to which ::I am remotely ssh'd. :: ::I cannot find adequate documentation for yast/yast2 anywhere. In fact, ::there is *NO* man yast2 !?!? :: ::I don't know why this box -- supposedly patched and fully updated by my ::associate -- is running sshd and openssl through which every script ::kiddie can skip; but, I also cannot figure out how to upgrade this beast If your associate has patched this machine with the most current patches then a "script kiddie" can no more skip through that box then a normal use can. Do not mistake the version number of OpenSSL as an invite to run rampant through the system. SuSE patches the current version number that came with the CD's, so if the 8.0 system had 0.9.6c come with it then they would patch that version and release new packages of the same number. Make no mistake that this is insecure. SuSE does this as not to break many other things that come with the system such as ALL of KDE and many other packages. They don't wish to release 100's of rebuilt pkgs just because one pkg that the others use is broken. If your associate has any clue about security then he has setup privsep and run's all of the ssh connections in a chrooted environment which is the prudent thing to do. OpenSSH and OpenSSL are not at issue here. The air between the keyboard and the chair are. A compitant admin keeps abreast of what's going on and tries to keep the system safe as possible. Nothing is sure fire as far as security accept removing the CDROM, Floppy drive, network cable and basically shutting the machine off. If there is a problem then a cracker will find it. But keeping up on such things makes it a little bit better. You can find documentation on YaST2 and it's modules here. What you use to access them is a simple web browser or the help tool that comes with SuSE. The html files are here. /usr/share/doc/packages I would suggest using the SuSE Help Centre to get the information you desire. What I would do is this. SSH to the machine in question and display the helpcentre through an encrypted ssh tunnel. Then run through documents you wish to see. By default SuSE's install of ssh doesn't do ssh X forwarding so you will have to do this.. ssh -X user@domain Then you should be able to execute the help system executable to have it displayed on your own system. The executable is "susehelpcenter". If your running Windows or something else to access the system you will need an X server to do this. Cheers! -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.