Back off, man. I’m a scientist.
You are currently browsing articles tagged ssh.
You really shouldn’t allow SSH logins via password. This is doubly true for root. On most of my hosts we allow SSH for normal users with a password, but restrict root to SSH keys only. And we always protect against brute force attacks with fail2ban.
If you aren’t already using SSH keys and SSH agent, you should. SSH agent forwarding allows for secure sideways authentication. For example:
I love SSHFS. I manage a lot of machines, and I very often want to do something like this:
diff root@server1:/etc/randomrcfile root@server2:/etc/randomrcfile
There are ways to do this with Kompare (a KDE diff app) and the fish:// Kioslave, but not on the command line. SSHFS makes it easy:
mkdir /tmp/server1 /tmp/server2
sshfs root@server1:/ /tmp/server1/
sshfs root@server2:/ /tmp/server2/
diff /tmp/server1/etc/randomrcfile /tmp/server2/etc/randomrcfile
I do this so often that I’ve written my own script to handle this for me, smount. Copy it somewhere in your path, and optionally make a copy or symlink called “sumount”. Now you can rapidly mount and unmount multiple hosts.
All content © 2008-2010 Tyler J. Wagner
Recent Comments