[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]
Re: Remote login

From: Karl Pearson <karlp ourldsfamily com>
To: redhat-install-list redhat com
Subject: Re: Remote login
Date: Fri, 3 May 2002 12:21:56 -0600 (Mountain Daylight Time)
On Fri, 3 May 2002, Rick Stevens wrote:

->corbin, vanessa wrote:
->> Question 1
->> I have X server running.  I use KDE at console.  I want to know if it is
->> possible access KDE desktop environment when remotely accessing system.  If
->> it is possible, how do I set it up???
->
->Vanessa,
->
->First, don't use telnet if you can avoid it.  Use ssh (it's  part of the
->standard RedHat installation).  telnet is totally unencrypted so anyone
->looking at the data stream will be able to see passwords and such in
->cleartext.  ssh encrypts EVERYTHING.  You will need an ssh client to
->log in, but it's part of the ssh package.

And from W32 clients, download PuTTY, an excellent product that allows SSH
connections to hosts.

->
->ssh, as distributed by RedHat,  DOES allow root logins remotely.  To
->disable that feature, you must edit the "/etc/ssh/sshd_config" file,
->change the line "PermitRootLogin yes" to "PermitRootLogin no" and
->restart sshd.
->
->ssh will also allow you to use a GUI.  It provides a tunneling mechanism
->for Xwindows.  From the remote end you log into the host via ssh.  If
->you run your X application on the host, the GUI will show up at the
->remote end.  I think that's what you want.  Keep in mind that the GUI
->won't be as fast remotely due to the connection speed between the
->machines AND the encryption SSH is doing.
->
->> Question 2
->> I will have developers just su to root.
->
->Good.  Remember, "su" grants root privileges, but not root's
->_environment_ (path, home directory, etc.)  If you want to become root
->(just as if you had logged in as root), then use "su -".

I don't agree. I believe: "There's nothing more dangerous than a programmer
with a screwdriver" is a true statement. I would recommend using sudo
instead. That way you can control specific access and track things better.

->
->Again, I can't stress strongly enough--DISABLE telnet and use SSH.
->Also stay away from anonymous FTP unless you use the ProFTP package.
->

No argument here. ssh at 128-bit is wonderful. AND if you have an X-Server
for remote PCs running W32, or are connecting from Linux in X, you will be
able to run X sessions locally, too.

--
Karl Pearson
Senior Consulting DBA
Senior Consulting Unix/MS/Database Analyst
karlp ourldsfamily com
http://consulting.ourldsfamily.com
-------------------------------------



->> -----Original Message-----
->> From: Bill Andersen [mailto:bill mwdental com]
->> Sent: Friday, May 03, 2002 11:16 AM
->> To: redhat-install-list redhat com
->> Subject: RE: Remote login
->>
->>
->> Vanessa Corbin wrote:
->>
->>>I am new to Linux.  I have just installed Red Hat 7.2.  I want to know:
->>>
->>>1) Is gui interface available when accessing box remotely?
->>>2) Can "root" id be used to telnet into box?
->>>
->>>Currently, I cannot telnet using root and I do not get gui interface.  Are
->>>these problems or features??
->>>
->>
->> Vanessa,
->>
->>   As a general rule of thumb, you shouldn't really log in as "root"
->>   for everyday usage.  Especially if you are not familier with the OS.
->>   Although most "experienced" system admins DO log in as root as a norm,
->>   most will tell you the don't :)  (OK, yes I'm included)
->>
->>   However, the BEST way to do your administration is to log in under
->>   your normal user account and then issue the command "su".  You will
->>   then be asked for the root password.  Once you give a good password,
->>   you become the "Super User" (aka root)
->>
->>   So, in answer to your question #2 - As telnet is not a secure method
->>   of accessing your machine, MOST unix system don't allow you to telnet
->>   in as root BY DEFAULT.  You CAN configure telnet to allow access via
->>   root, but I wouldn't suggest doing so.
->>
->>   For question #1 - You can get a GUI using an Xwindows Server on your
->>   local machine.  However, I have no use for it and really have never
->>   done so.  Other on the list might point you to a good X server - assuming
->>   you are working on a PC from the remote machine.
->>
->> Bill
->>
->>
->>
->> _______________________________________________
->> Redhat-install-list mailing list
->> Redhat-install-list redhat com
->> https://listman.redhat.com/mailman/listinfo/redhat-install-list
->>
->>
->>
->> _______________________________________________
->> Redhat-install-list mailing list
->> Redhat-install-list redhat com
->> https://listman.redhat.com/mailman/listinfo/redhat-install-list
->>
->
->
->
->--
->----------------------------------------------------------------------
->- Rick Stevens, SSE, VitalStream, Inc.      rstevens vitalstream com -
->- 949-743-2010 (Voice)                    http://www.vitalstream.com -
->-                                                                    -
->-     Veni, Vidi, VISA:  I came, I saw, I did a little shopping.     -
->----------------------------------------------------------------------
->
->
->
->_______________________________________________
->Redhat-install-list mailing list
->Redhat-install-list redhat com
->https://listman.redhat.com/mailman/listinfo/redhat-install-list
->
References:
- Re: Remote login
  - From: Rick Stevens
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]