[CoLoCo] REMOTE SERVER

Kevin Fries kfries at cctus.com
Mon Oct 8 20:42:59 BST 2007 

On Mon, 2007-10-08 at 11:24 -0600, Jim Hutchinson wrote:
> For passwords there is a program you can install on Ubuntu that makes
> "random" passwords. I forget the program though. Maybe someone else
> knows.
> 
> A trick I use is to create a random prefix and suffix and sandwich
> something memorable between. for example:
> 
> prefix = 6$Y
> suffix = G!9
> my gmail password = 6$YgoogG!9
> my yahoo password = 6$YyahoG!9
> 
> and so on. Btw, those are examples so have fun hacking my mail. I
> don't know if those are more or less secure since you are repeating
> part of your password everywhere but it makes it easy to remember.

Always remember, tricks like this make it tougher to guess.  The reason
behind the old upper case, lower case, number and special character is
to increase the number of characters needed to crack your password.  The
more character sets, the lower the odds of guessing it.  But remember,
someone is always winning the lottery, and their odds were just as long.
With the speed of modern computers, this can be a real issue.  It just
does not take as long to crack passwords as it used to.

For email and programs that can not be secured via a private encryption
key, these tools are the best you have.  But the OP wanted access to the
box to admin or fix problems.  In these cases, eliminating ssh passwords
all together eliminates even the lucky shot in the dark.  Besides, its
actually easier to setup SSH to do things in a more secure way, than it
is to set up all those access rights.  Ubuntu actually accepts keys in
its default configuration, all you have to do is turn passwords to no.

To the OP, trust me, set up the keys... 

If that is too easy, and you are bored, make it harder in a more
constructive way.  For instance, if you ran Webmin on that server box,
set it up to only respond to localhost.  Then setup your laptop so that
xinetd listens on port 10001 (leaving 10000 to webmin your local box).
Have xinetd start the SSH tunnel, automatically when you hit that port.
With the keys enabled, webmin would come up from your machine(s) and
only your machine(s) and handle the security silently in the background.
>From a web browser, localhost:10001 should be your remote server.  Even
this exercise is easier than that original linux.com post.


-- 
Kevin Fries
Senior Linux Engineer
Computer and Communications Technology, Inc
A Division of Japan Communications Inc.

More information about the Ubuntu-us-co mailing list