![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
I am very frustrated. An associate installed SuSE on a server to which I am remotely ssh'd. I cannot find adequate documentation for yast/yast2 anywhere. In fact, there is *NO* man yast2 !?!? I don't know why this box -- supposedly patched and fully updated by my associate -- is running sshd and openssl through which every script kiddie can skip; but, I also cannot figure out how to upgrade this beast ;< /sbin/yast2 online_update Starting download of patch descriptions from ftp.gwdg.de. Connected error_path Disconnected Can't get patches from server. Please try to get patches from another SuSE ftp server. What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/d2ae16d2527220461407a9fc43a651da.jpg?s=120&d=mm&r=g)
On Sun, 2002-09-29 at 16:23, Michael D. Schleif wrote:
I am very frustrated. An associate installed SuSE on a server to which I am remotely ssh'd.
I cannot find adequate documentation for yast/yast2 anywhere. In fact, there is *NO* man yast2 !?!?
I don't know why this box -- supposedly patched and fully updated by my associate -- is running sshd and openssl through which every script kiddie can skip; but, I also cannot figure out how to upgrade this beast ;<
/sbin/yast2 online_update
Starting download of patch descriptions from ftp.gwdg.de. Connected error_path Disconnected
Can't get patches from server. Please try to get patches from another SuSE ftp server.
What do you think?
--
Best Regards,
mds mds resource 888.250.3987
More than one person has been getting for the past few days...I had it on occaison also. Probably best thing is to try and launch yast and then go through the menu's trying to different FTP servers until one works. This also brings up another question...Anyone got the bandwidth for more servers perhaps? I know Red Carpet can do it, but thats aimed at workstations more I think. Matt
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
Note: I have been trying several ftp servers; but, no success . . . Matthew Johnson wrote:
On Sun, 2002-09-29 at 16:23, Michael D. Schleif wrote:
I am very frustrated. An associate installed SuSE on a server to which I am remotely ssh'd.
I cannot find adequate documentation for yast/yast2 anywhere. In fact, there is *NO* man yast2 !?!?
I don't know why this box -- supposedly patched and fully updated by my associate -- is running sshd and openssl through which every script kiddie can skip; but, I also cannot figure out how to upgrade this beast ;<
/sbin/yast2 online_update
Starting download of patch descriptions from ftp.gwdg.de. Connected error_path Disconnected
Can't get patches from server. Please try to get patches from another SuSE ftp server.
More than one person has been getting for the past few days...I had it on occaison also. Probably best thing is to try and launch yast and then go through the menu's trying to different FTP servers until one works.
<snip /> So, I have also tried plain old yast: yast Installation settings Select installation medium Installation from an FTP site ftp.suse.com /pub/suse/i386/current F5 CAUTION You are installing with a YaST of version 1.11 The version of YaST that belongs to the selected installation medium is 2.5. Please boot from the boot disk or the first CD and update your system while running in the boot environment. Remember, I am ssh'd into this box. How can I update yast to v2.5 ??? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/7ce72c46b6ab41ad3bb822a75c7ea410.jpg?s=120&d=mm&r=g)
* Michael D. Schleif (mds@helices.org) [020929 16:25]: :: ::I am very frustrated. An associate installed SuSE on a server to which ::I am remotely ssh'd. :: ::I cannot find adequate documentation for yast/yast2 anywhere. In fact, ::there is *NO* man yast2 !?!? :: ::I don't know why this box -- supposedly patched and fully updated by my ::associate -- is running sshd and openssl through which every script ::kiddie can skip; but, I also cannot figure out how to upgrade this beast If your associate has patched this machine with the most current patches then a "script kiddie" can no more skip through that box then a normal use can. Do not mistake the version number of OpenSSL as an invite to run rampant through the system. SuSE patches the current version number that came with the CD's, so if the 8.0 system had 0.9.6c come with it then they would patch that version and release new packages of the same number. Make no mistake that this is insecure. SuSE does this as not to break many other things that come with the system such as ALL of KDE and many other packages. They don't wish to release 100's of rebuilt pkgs just because one pkg that the others use is broken. If your associate has any clue about security then he has setup privsep and run's all of the ssh connections in a chrooted environment which is the prudent thing to do. OpenSSH and OpenSSL are not at issue here. The air between the keyboard and the chair are. A compitant admin keeps abreast of what's going on and tries to keep the system safe as possible. Nothing is sure fire as far as security accept removing the CDROM, Floppy drive, network cable and basically shutting the machine off. If there is a problem then a cracker will find it. But keeping up on such things makes it a little bit better. You can find documentation on YaST2 and it's modules here. What you use to access them is a simple web browser or the help tool that comes with SuSE. The html files are here. /usr/share/doc/packages I would suggest using the SuSE Help Centre to get the information you desire. What I would do is this. SSH to the machine in question and display the helpcentre through an encrypted ssh tunnel. Then run through documents you wish to see. By default SuSE's install of ssh doesn't do ssh X forwarding so you will have to do this.. ssh -X user@domain Then you should be able to execute the help system executable to have it displayed on your own system. The executable is "susehelpcenter". If your running Windows or something else to access the system you will need an X server to do this. Cheers! -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
Ben => Thank you, for your participation. No, my associate has very little idea what he is doing. Also, I think that you are mistaken in your assumptions of our system: # head /var/lib/YaST/update.inf # /var/lib/YaST/update.inf -- (c) 2001 SuSE GmbH # Basesystem: SuSE-Linux-SLES-i386-7.2.0#0 DefaultInstsrcFTP: ftp.suse.com:/pub/suse/i386/current ftp.gwdg.de:/pub/linux/suse/i386/current ftp.uni-freiburg.de:/pub/linux/suse PTFcrstsnItluafed: DefaultSrcPatchFTP: ftp.suse.com:/pub/suse/i386/update/7.2 Distribution_Name: SuSE-Linux-SLES-i386 # find / | grep lib | grep -i openssl /usr/share/doc/packages/openssl-doc/ssl/SSL_library_init.pod /var/lib/YaST/patches/i386/update/7.2/patches/openssl-5395.20020929.installed /var/lib/YaST/patches/i386/update/7.2/sec1/openssl-0.9.6a-69.i386.rpm /var/lib/YaST/patches/i386/update/7.2/d2/openssl-devel-0.9.6a-69.i386.rpm /var/lib/YaST/patches/i386/update/7.2/doc3/openssl-doc-0.9.6a-69.i386.rpm # sshd -v sshd: illegal option -- v sshd version OpenSSH_2.9.9p2 Please, straighten me out . . . Ben Rosenberg wrote:
* Michael D. Schleif (mds@helices.org) [020929 16:25]: :: ::I am very frustrated. An associate installed SuSE on a server to which ::I am remotely ssh'd. :: ::I cannot find adequate documentation for yast/yast2 anywhere. In fact, ::there is *NO* man yast2 !?!? :: ::I don't know why this box -- supposedly patched and fully updated by my ::associate -- is running sshd and openssl through which every script ::kiddie can skip; but, I also cannot figure out how to upgrade this beast
If your associate has patched this machine with the most current patches then a "script kiddie" can no more skip through that box then a normal use can. Do not mistake the version number of OpenSSL as an invite to run rampant through the system. SuSE patches the current version number that came with the CD's, so if the 8.0 system had 0.9.6c come with it then they would patch that version and release new packages of the same number. Make no mistake that this is insecure. SuSE does this as not to break many other things that come with the system such as ALL of KDE and many other packages. They don't wish to release 100's of rebuilt pkgs just because one pkg that the others use is broken. If your associate has any clue about security then he has setup privsep and run's all of the ssh connections in a chrooted environment which is the prudent thing to do. OpenSSH and OpenSSL are not at issue here. The air between the keyboard and the chair are. A compitant admin keeps abreast of what's going on and tries to keep the system safe as possible. Nothing is sure fire as far as security accept removing the CDROM, Floppy drive, network cable and basically shutting the machine off. If there is a problem then a cracker will find it. But keeping up on such things makes it a little bit better.
You can find documentation on YaST2 and it's modules here. What you use to access them is a simple web browser or the help tool that comes with SuSE.
The html files are here.
/usr/share/doc/packages
I would suggest using the SuSE Help Centre to get the information you desire.
What I would do is this. SSH to the machine in question and display the helpcentre through an encrypted ssh tunnel. Then run through documents you wish to see.
By default SuSE's install of ssh doesn't do ssh X forwarding so you will have to do this..
ssh -X user@domain
Then you should be able to execute the help system executable to have it displayed on your own system. The executable is "susehelpcenter". If your running Windows or something else to access the system you will need an X server to do this.
-- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
Ben Rosenberg wrote:
* Michael D. Schleif (mds@helices.org) [020929 16:25]: :: ::I am very frustrated. An associate installed SuSE on a server to which ::I am remotely ssh'd. :: ::I cannot find adequate documentation for yast/yast2 anywhere. In fact, ::there is *NO* man yast2 !?!? :: ::I don't know why this box -- supposedly patched and fully updated by my ::associate -- is running sshd and openssl through which every script ::kiddie can skip; but, I also cannot figure out how to upgrade this beast
If your associate has patched this machine with the most current patches then a "script kiddie" can no more skip through that box then a normal use can. Do not mistake the version number of OpenSSL as an invite to run rampant through the system. SuSE patches the current version number that came with the CD's, so if the 8.0 system had 0.9.6c come with it then they would patch that version and release new packages of the same number. Make no mistake that this is insecure. SuSE does this as not to break many other things that come with the system such as ALL of KDE and many other packages. They don't wish to release 100's of rebuilt pkgs just because one pkg that the others use is broken. If your associate has any clue about security then he has setup privsep and run's all of the ssh connections in a chrooted environment which is the prudent thing to do. OpenSSH and OpenSSL are not at issue here. The air between the keyboard and the chair are. A compitant admin keeps abreast of what's going on and tries to keep the system safe as possible. Nothing is sure fire as far as security accept removing the CDROM, Floppy drive, network cable and basically shutting the machine off. If there is a problem then a cracker will find it. But keeping up on such things makes it a little bit better.
<snip /> All else said and done, can you suggest a way that I can use YOU from a remote ssh session? What can I do to resolve these errors? How can I use YOU? This all seems terribly difficult, especially compared to debian and apt . . . -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/7ce72c46b6ab41ad3bb822a75c7ea410.jpg?s=120&d=mm&r=g)
* Michael D. Schleif (mds@helices.org) [020929 18:34]: :: ::How can I use YOU? ssh -X user@domain then you can run YaST2/YOU by starting it. ssh will take care of tunneling it to your desktop. ::This all seems terribly difficult, especially compared to debian and apt Yes, It is. I've been using apt on 8.0 for sometime and I find it very easy. I've taken a look at the new YaST2 and it's pkg management system for SuSE 8.1 / SLES 8.0 and it looks much better. We shall see. -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
Ben Rosenberg wrote:
* Michael D. Schleif (mds@helices.org) [020929 18:34]: :: ::How can I use YOU?
ssh -X user@domain
then you can run YaST2/YOU by starting it. ssh will take care of tunneling it to your desktop.
Part of the problem is, the remote box is based on an Intel i845G mainboard and my associate cannot get X running with that chipset. Part of my task was to get onto the box -- remotely -- secure it and use the management utility -- yast/yast2 -- to investigate possibilities of moving to kernel 2.4.19, or better, where there is support for this chipset. Unfortunately, I cannot forward X without the remote system having a functional X server . . . Besides, according to this: <http://sdb.suse.de/en/sdb/html/yast2_ncurses.html> Using YaST2 in Text Mode, I should be able to do this from cli and ncurses ;<
::This all seems terribly difficult, especially compared to debian and apt
Yes, It is. I've been using apt on 8.0 for sometime and I find it very easy. I've taken a look at the new YaST2 and it's pkg management system for SuSE 8.1 / SLES 8.0 and it looks much better. We shall see.
Many years ago, I started on slackware. It's too bad; but, I always have too much on my plate to dive in and learn everything about every package on my system. So, I looked around at other linux distributions that purported to have os and software management systems to mediate between user and os. I tried suse several years ago; but, ran into problems with an ``exotic'' video card. If I'd have to go back to compiling my own stuff, why bother with yast? I didn't. Apparently, from my current position, not all that much has changed . . . -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/cbdb2b4dc48489f0fdee30e8d42165c5.jpg?s=120&d=mm&r=g)
Michael D. Schleif said:
Unfortunately, I cannot forward X without the remote system having a functional X server . . .
Of course you can. You don't need a configured X server on the remote box, you just need to have the X libs installed.
Besides, according to this: <http://sdb.suse.de/en/sdb/html/yast2_ncurses.html> Using YaST2 in Text Mode, I should be able to do this from cli and ncurses ;<
Yes you can. regards Anders
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
Care to elaborate? Any suggestions on how to accomplish your observations? Anders Johansson wrote:
Michael D. Schleif said:
Unfortunately, I cannot forward X without the remote system having a functional X server . . .
Of course you can. You don't need a configured X server on the remote box, you just need to have the X libs installed.
What is the SuSE way to verify what is installed? In other words, ssh'ing remotely into this box, how can I know whether or not X libs are properly installed? I ask this, because Ben's suggestion: ssh -X user@domain does *not* work -- I get in; but, *no* X ;<
Besides, according to this: <http://sdb.suse.de/en/sdb/html/yast2_ncurses.html> Using YaST2 in Text Mode, I should be able to do this from cli and ncurses ;<
Yes you can.
Then, as per my original post, *WHY* this? /sbin/yast2 online_update Starting download of patch descriptions from ftp.gwdg.de. Connected error_path Disconnected Can't get patches from server. Please try to get patches from another SuSE ftp server. -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/cbdb2b4dc48489f0fdee30e8d42165c5.jpg?s=120&d=mm&r=g)
Michael D. Schleif said:
What is the SuSE way to verify what is installed? In other words, ssh'ing remotely into this box, how can I know whether or not X libs are properly installed?
The rpm way is "rpm -q <package name>". In this case "rpm -q xshared" //Anders
![](https://seccdn.libravatar.org/avatar/5a94d2f8a5845d5f1c1ea1556fc0cb72.jpg?s=120&d=mm&r=g)
Michael D. Schleif wrote:
Care to elaborate? Any suggestions on how to accomplish your observations?
Why remote your X when the ncurses version of Yast works fine with an xterm/ssh connection? It has GOT to run even slower that way (and it is bad enough the way I do it :-) ).
What is the SuSE way to verify what is installed?
How about in the xterm/ssh box, you enter rpm -q <package name>. This will tell you what is installed, at least via rpm, i.e. rpm -q xf86.
In other words, ssh'ing remotely into this box, how can I know whether or not X libs are properly installed?
I just use an xterm. I never tried yast2 online_update, but I have went through the ncurses menu many times. 8.1 will be even better.
Then, as per my original post, *WHY* this?
/sbin/yast2 online_update
Starting download of patch descriptions from ftp.gwdg.de. Connected error_path Disconnected
Can't get patches from server. Please try to get patches from another SuSE ftp server.
This was probably a transient problem caused by ftp.gwdg.de being swamped the other day. Try again. Or, try entering yast, and using the menu. I just tried a local xterm and it started up the qt version. The text version DOES work, though, through ssh. HTH. -- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://www.mydestiny.net/~joe_morris Registered Linux user 231871 God said, I AM that I AM. I say, by the grace God, I am what I am.
![](https://seccdn.libravatar.org/avatar/861b5545c111d2257fa12e533e723110.jpg?s=120&d=mm&r=g)
El 02.09.29 a las 21:51, Michael D. Schleif escribió:
Date: Sun, 29 Sep 2002 21:51:44 -0500 From: Michael D. Schleif <mds@helices.org> Cc: suse-linux-e@suse.com Subject: Re: [SLE] YOU -- Can't get patches from server.
Besides, according to this: <http://sdb.suse.de/en/sdb/html/yast2_ncurses.html> Using YaST2 in Text Mode, I should be able to do this from cli and ncurses ;<
I have suse 7.3, and I always use yast2 from a console. In fact, I never use it from X. I assume it would work remotely, but I have not tried with yast2, only with yast1 in suse 7.1 -- Cheers, Carlos Robinson
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
Ben Rosenberg wrote:
* Michael D. Schleif (mds@helices.org) [020929 18:34]: :: ::How can I use YOU?
ssh -X user@domain
then you can run YaST2/YOU by starting it. ssh will take care of tunneling it to your desktop.
OK, I have X/ssh working on a debian woody box. However, this is what I get trying to run YOU: Calling online_update /sbin/yast2: line 62: 3485 Aborted /usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry "$Y2_GEOMETRY" -style="$Y2_STYLE" -fn "-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" Calling online_update /sbin/yast2: line 62: 3560 Aborted /usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry "$Y2_GEOMETRY" -style="$Y2_STYLE" -fn "-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/7ce72c46b6ab41ad3bb822a75c7ea410.jpg?s=120&d=mm&r=g)
* Michael D. Schleif (mds@helices.org) [020930 06:32]: :: ::However, this is what I get trying to run YOU: :: ::Calling online_update ::/sbin/yast2: line 62: 3485 Aborted ::/usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry ::"$Y2_GEOMETRY" -style="$Y2_STYLE" -fn ::"-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" ::Calling online_update ::/sbin/yast2: line 62: 3560 Aborted ::/usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry ::"$Y2_GEOMETRY" -style="$Y2_STYLE" -fn ::"-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" :: :: ::What do you think? One of two things. Yast1 use to hate small xterms. So make your xterm bigger and try again. The second thing I would say is that your associate who set this box up messed something up. I just ran the ncurses version of YaST2 and started YOU. It worked fine ..even though I didn't go through with the update. I use apt not YOU. -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
![](https://seccdn.libravatar.org/avatar/7da99eae20566a1faf7d85c1ec65ecc6.jpg?s=120&d=mm&r=g)
I must have mis-communicated something. This current issue is running the X instance of yast2 through an ssh tunnel on a 1600x1200 display. I maybe slow today; but, I do not see how your comments apply to that . . . Ben Rosenberg wrote:
* Michael D. Schleif (mds@helices.org) [020930 06:32]: :: ::However, this is what I get trying to run YOU: :: ::Calling online_update ::/sbin/yast2: line 62: 3485 Aborted ::/usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry ::"$Y2_GEOMETRY" -style="$Y2_STYLE" -fn ::"-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" ::Calling online_update ::/sbin/yast2: line 62: 3560 Aborted ::/usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry ::"$Y2_GEOMETRY" -style="$Y2_STYLE" -fn ::"-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" :: :: ::What do you think?
One of two things. Yast1 use to hate small xterms. So make your xterm bigger and try again. The second thing I would say is that your associate who set this box up messed something up. I just ran the ncurses version of YaST2 and started YOU. It worked fine ..even though I didn't go through with the update. I use apt not YOU.
How do I get apt on this system? What do you use for a sources.list? Thank you, for your continued support . . . -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . .
![](https://seccdn.libravatar.org/avatar/7ce72c46b6ab41ad3bb822a75c7ea410.jpg?s=120&d=mm&r=g)
I wasn't sure you got that working. The last I saw you were having issues. I saw the "geometry" issue below and offered up a issue I've seen in the past. I'm going to stop commenting because I don't use YOU/YaST2 under 7.2..back then I did stuff by hand. Such as ftping to the server and knowing what I had installed so it could be updated. Sorry to waste your time. * Michael D. Schleif (mds@helices.org) [020930 12:38]: :: ::I must have mis-communicated something. :: ::This current issue is running the X instance of yast2 through an ssh ::tunnel on a 1600x1200 display. :: ::I maybe slow today; but, I do not see how your comments apply to that . ::. . :: ::Ben Rosenberg wrote: ::> ::> * Michael D. Schleif (mds@helices.org) [020930 06:32]: ::> :: ::> ::However, this is what I get trying to run YOU: ::> :: ::> ::Calling online_update ::> ::/sbin/yast2: line 62: 3485 Aborted ::> ::/usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry ::> ::"$Y2_GEOMETRY" -style="$Y2_STYLE" -fn ::> ::"-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" ::> ::Calling online_update ::> ::/sbin/yast2: line 62: 3560 Aborted ::> ::/usr/lib/YaST2/bin/y2bignfat $module $arg2 $arg3 qt -T -geometry ::> ::"$Y2_GEOMETRY" -style="$Y2_STYLE" -fn ::> ::"-gnu-unifont-medium-r-normal--16-160-75-75-p-80-iso10646-1" ::> :: ::> :: ::> ::What do you think? ::> ::> One of two things. Yast1 use to hate small xterms. So make your xterm ::> bigger and try again. The second thing I would say is that your ::> associate who set this box up messed something up. I just ran the ::> ncurses version of YaST2 and started YOU. It worked fine ..even though I ::> didn't go through with the update. I use apt not YOU. :: ::How do I get apt on this system? :: ::What do you use for a sources.list? :: ::Thank you, for your continued support . . . :: ::-- :: ::Best Regards, :: ::mds ::mds resource ::888.250.3987 :: ::Dare to fix things before they break . . . :: ::Our capacity for understanding is inversely proportional to how much we ::think we know. The more I know, the more I know I don't know . . . :: ::-- ::Check the headers for your unsubscription address ::For additional commands send e-mail to suse-linux-e-help@suse.com ::Also check the archives at http://lists.suse.com ::Please read the FAQs: suse-linux-e-faq@suse.com :: :: -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
![](https://seccdn.libravatar.org/avatar/0f6a9b0e4faa2392285ee332ca50c1e6.jpg?s=120&d=mm&r=g)
On Sunday 29 September 2002 07:49 pm, Ben Rosenberg wrote:
just because one pkg that the others use is broken. If your associate has any clue about security then he has setup privsep and run's all of the ssh connections in a chrooted environment which is the prudent thing to do. OpenSSH and OpenSSL are not at issue here. The air between the keyboard and the chair are. A compitant admin keeps abreast of what's going on and tries to keep the system safe as possible. Nothing is sure
Actually I would disagree that this ideal. If you chroot SSH then you can't log into the system remotely and execute anything without adding it to the chrooted environment. I agree that most other daemons should be run this way but SSH isn't the best daemon to run this way. Now if you mean creating chrooted users that is different. The problem with these ideas though is that most "servers" are remotely administrated, and chrooting ssh means you have to setup another method to gain root, which sort of defeats the purpose of a chrooted environment. Your best choices here are to firewall your environment so that only "trusted" systems can reach it. And also you should ensure that your security tools are the most recent versions available regardless of what versions SuSE or anyone else is distributing.
fire as far as security accept removing the CDROM, Floppy drive, network cable and basically shutting the machine off. If there is a problem then a cracker will find it. But keeping up on such things makes it a little bit better.
This is true, no true way to be secure while you are connected, all you can do is make yourself less of a target than everyone else.
participants (7)
-
Anders Johansson
-
Anthony Moulen
-
Ben Rosenberg
-
Carlos E. R.
-
Joe & Sesil Morris (NTM)
-
Matthew Johnson
-
Michael D. Schleif