[CoLoCo] REMOTE SERVER

[Kevin Fries]

On Mon, 2007-10-08 at 08:07 -0600, phillip tribble wrote:
> http://www.linux.com/feature/119446 
> 
> I came across this article this morning from Linux.com. The article
> discusses how to easily login your computer remotely and launch
> applications. Has anyone had expierence with this yet? 

This guy does things the hard way.

First of all, if you have a network, by all that is holly and good, get
a Linksys WRT router!  (DLink, 3Com, etc are ok, I just always use
Linksys)  It has support for Dynamic DNS services built right in.  No
need to run a "special" client.  And the bloody things just work, with
minimal power consumption, and wonderful security.

Second, Turn off passwords completely from your SSH and LEAVE PAM
ALONE!!!  Allowing any password allows strong arm attacks.  This guy
leaves a door open, then tries to lock its privileges down.  Better
idea, put up a dead bolt and place a hungry rottweiler behind it.

Instead, use RSA keys.  There are plenty of easy to follow how-tos on
setting this up, and the man page makes it trivial.  Look at ssh-keygen
in the man pages, and you probably won't need instructions over the net.
This will lock that entrance tight.  Short of the CIA trying to hack
your system, this should keep them out.  And if the CIA is trying to
hack your system... well can't help you there.

Last of all, why download NX when VNC comes in your distro by default?
I have seen NX used in developing client server programs where the
client can be on one of several platforms, and they wanted to
standardize the programs interface.  But just for remote access?
Complete overkill.

With a Linksys router, SSH (using keys), and VNC, this should take 5
minutes to setup.  And best of all, it works.  Even better, without any
goofy clients, you can easily get help if anything goes wrong.

Like I said, this guys does things the hard way.

-- 
Kevin Fries
Senior Linux Engineer
Computer and Communications Technology, Inc
A Division of Japan Communications Inc.