Suggestion to make remote recovery easier

Justin M. Wray wray.justin.ubuntu at gmail.com
Wed May 7 04:37:41 BST 2008


This doesn't change the ideas of remote recovery ata ll, you simply need to use key-based authentication, which you listed in your first draft already.

I also think it might be a good idea to check is SSH is running, and if not run it on an abnormal (higher) port.

Also taking advantage of the reverse SSH tunnel will ease the NAT/Firewall issue.  For that matter, the "newbie" system could allow SSH connections only from localhost (which would be the most secure process), leaving you only with the need to secure the "helpers" system/service.

Thanks,
Justin M. Wray

Sent via BlackBerry by AT&T

-----Original Message-----
From: Andrew Sayers <andrew-ubuntu-devel at pileofstuff.org>

Date: Wed, 07 May 2008 01:40:44 
To:ubuntu-devel-discuss at lists.ubuntu.com
Subject: Re: Suggestion to make remote recovery easier


Based on this evidence, does anybody object to a bug report being filed
against openssh-server, saying that password authentication should be
disabled by default?  Of course, that leaves all my ideas in serious
trouble, but that's a secondary matter.

	- Andrew

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss


More information about the Ubuntu-devel-discuss mailing list