[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Planning for Summer/ssh (fwd)



There are several ways to do this.  One I haven't seen suggested is that
you use tcpwrappers instead of iptables.  This requires that you know
what your isp's hostname is, or domain name.  I generally allow all from
the subdomain into which I usually dial.  This could certainly be
automated with a procmail script.

You can use /etc/ppp/ip-up.local to send the email.  Arguement 4 ($4) is
the ip you have been assigned.  I used to put my home ip on an unlinked
web page this way.  Now I use dyndns.

Or you could combine, dyndns and tcpwrappers.

/etc/hosts.allow

sshd : * myip dyndnsdomain com

-----------------------------------------------------------------------
Jim Wildman, CISSP                                      jim rossberry com
614-404-1897                                     http://www.rossberry.com

On Thu, 18 Apr 2002, Mark Orenstein wrote:

> I'm thinking ahead to the summer when I only have dial up access and my IP
> address will be constantly changing. Right now with my home cable modem, my
> IP address is "unchanging" and I only allow external ssh access to the
> school server from this address via an iptable rule. This won't work for the
> summer where I will only have dial up access to the Internet.
> 
> I would still like to keep the iptable rule and was thinking of ways that I
> could dynamically update the table. One thought that I had was to send an
> email to the server with the body containing my current IP address. Is it
> possible that receipt of an email can cause a script to be executed? If so,
> I think that I could write a script that would obtain the IP address from
> the email body and issue the proper iptable command. Once I get into the
> email server, I can then ssh from it to any of the other servers inside the
> school system's network .
> 
> Or better yet, does anyone else have an already written script similar to
> the above.
> 
> Is there a better/simpler way of doing this?
> 
> Mark Orenstein
> East Granby, CT School System
> 
> 
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN redhat com
> https://listman.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]