[rhn-users] Telnet woes

Sullivan, Michael michael.sullivan at eds.com
Thu Aug 18 15:39:31 UTC 2005 

Hello Liz,

That's cool your hubby worked for EDS.  OpenSSH is readily downloadable
from RHN (Server, Client, etc)......in rpm form....no compiling.  I'm
not sure what functionality you guys are requesting the users to have
and not have.....the second telnet package should suffice, you guys
could use the tn5250 so the users have the wyse feel!

--Mike.   

CONFIDENTIALITY NOTICE:  This email from EDS is for the sole use of the
intended recipient and may contain confidential and privileged
information.  Any unauthorized review or use, including disclosure or
distribution is prohibited.  If you are not the intended recipient,
please contact the sender and destroy all copies of the email.



-----Original Message-----
From: rhn-users-bounces at redhat.com [mailto:rhn-users-bounces at redhat.com]
On Behalf Of Riley, Liz (ACHE)
Sent: Wednesday, August 17, 2005 11:45 PM
To: Red Hat Network Users List
Subject: RE: [rhn-users] Telnet woes



Mike,


> Have you looked into running an OpenSSH server daemon.....you can 
> chroot the users to a directory where they can cause no harm, 
> configure there accounts to have restricted use, umask, etc. then 
> really squeeze any functionality out.....giving them just the basics.

> If they need a little more "flexibility" you could give them sudo 
> rights for specific commands, but I wouldn't give them any on scripts 
> (ksh, bash, sh). You'll have all the logging you need!  Even more if 
> your running ldap.
>
> Personally I would not use telnet or recommend using telnet to anyone.
>
> Hope this helps,
> --Mike.


Thanks for your idea. However, SSH has further issues (you work for
EDS!! My hubby left there not long ago)

I know telnet is as good as useless, however, its over an encrypted vpn,
so, its not security of data traffic that worries us, its more the
functionality, also, for (from on high) reasons, the packages must be
supplied by redhat, so, no compiling up of stuff, must be 100% redhat
downloadable.

I have since found a second telnet daemon provided by redhat, the non
kerberos one. This *does* work, it logs the login events. This is good.
This will probably have to do.

I havent really done much with redhat, and Slackware didn't have pam
last time I installed it, so, I realise a lot of work could arguably
done with pam, but, reading the pam tutorial manual, again, its all well
and good if pams compiled in and stuff, but not if it isnt ....

I wish I could give the 3rd party company a vt100 and know they cant do
anything, but, that's not my call (heck I have a wyse terminal at home
somewhere I could send them!)

Liz

******************************************
The information contained in, or attached to, this e-mail, may contain
confidential information and is intended solely for the use of the
individual or entity to whom they are addressed and may be subject to
legal privilege.  If you have received this e-mail in error you should
notify the sender immediately by reply e-mail, delete the message from
your system and notify your system manager.  Please do not copy it for
any purpose, or disclose its contents to any other person.  The views or
opinions presented in this e-mail are solely those of the author and do
not necessarily represent those of the company.  The recipient should
check this e-mail and any attachments for the presence of viruses.  The
company accepts no liability for any damage caused, directly or
indirectly, by any virus transmitted in this email.
******************************************

_______________________________________________
rhn-users mailing list
rhn-users at redhat.com https://www.redhat.com/mailman/listinfo/rhn-users

More information about the rhn-users mailing list