redhat-list Digest, Vol 23, Issue 9
Baron, Peter A.
Peter.Baron at InterDigital.com
Wed Feb 1 14:50:55 UTC 2006
-----Original Message-----
From: redhat-list-request at redhat.com
[mailto:redhat-list-request at redhat.com]
Sent: Sunday, January 08, 2006 12:00 PM
To: redhat-list at redhat.com
Subject: redhat-list Digest, Vol 23, Issue 9
Send redhat-list mailing list submissions to
redhat-list at redhat.com
To subscribe or unsubscribe via the World Wide Web, visit
https://www.redhat.com/mailman/listinfo/redhat-list
or, via email, send a message with subject or body 'help' to
redhat-list-request at redhat.com
You can reach the person managing the list at
redhat-list-owner at redhat.com
When replying, please edit your Subject line so it is more specific than
"Re: Contents of redhat-list digest..."
Today's Topics:
1. encrypt password for Kickstart (Kipp, Jim)
2. RE: is this an intruder? (Bliss, Aaron)
3. RE: is this an intruder? (Michael D. Berger)
4. Re: encrypt password for Kickstart (Allen K. Smith)
5. RE: encrypt password for Kickstart (Kipp, Jim)
6. Re: is this an intruder? (Malcolm Kay)
----------------------------------------------------------------------
Message: 1
Date: Sat, 7 Jan 2006 13:35:02 -0500
From: "Kipp, Jim" <jkipp at ingdirect.com>
Subject: encrypt password for Kickstart
To: <redhat-list at redhat.com>
Message-ID:
<EC741B54812B5940AC1A6EFDFD011D0F03034205 at ingdexj1.ingdirect.com>
Content-Type: text/plain; charset="us-ascii"
Hi
I am preparing a kickstart cfg file for RHEL4. I would like to encrypt
the root password using md5.
"rootpw --iscrypted xxxxxxxxxxxxxx"
What is the recommended method for creating the MD5 hash to use in the
above line in the cfg file?
I checked the RH docs for kickstart but did not find anything pertaining
to this.
Thanks for any suggestions.
Jim
************************************************************************
*****
This email may contain confidential or privileged information. If you
believe you have received the message in error, please notify the
sender and delete the message without copying or disclosing it.
************************************************************************
*****
------------------------------
Message: 2
Date: Sat, 7 Jan 2006 14:25:12 -0500
From: "Bliss, Aaron" <ABliss at preferredcare.org>
Subject: RE: is this an intruder?
To: "'Stephen Carville'" <stephen at totalflood.com>, General Red Hat
Linux discussion list <redhat-list at redhat.com>
Message-ID:
<FFF3441ECA73784EAAAD9B8ABFB0CC2B242CB8 at ms-win-s21.preferredcare.org>
Content-Type: text/plain; charset="iso-8859-1"
I would be careful of using the wheel group to allow ssh logins, as
admins
typically use this group in sudoers file to grant root access for
non-root
users; granting the wheel group ssh logins as well as root access is
essentially allowing root access over ssh anyway; although an outside
attacker would at least have to guess the non-root user's id and
password.
-----Original Message-----
From: Stephen Carville [mailto:stephen at totalflood.com]
Sent: Saturday, January 07, 2006 9:40 AM
To: General Red Hat Linux discussion list
Subject: Re: is this an intruder?
Marty Landman wrote:
> Not sure if I'm reading this right as this is new to me but it appears
> someone in Denmark spent about 10 minutes trying a variety of userid's
> to start an ssh session on my network gateway.
Yep! If you do not need ssh, your best defense is to disable it.
Otherwise.
Turn off root login and designate a group for oter ssh logins. At home
I just use "wheel."
in /etc/ssh/sshd_config
PermitRootLogin no
AllowGroups wheel
Restart sshd
Put you and anyone else who must have ssh access in the group wheel.
Make sure they have good passwords.
Other possible changes are to only allow ssh protocol 2 and to change
the external port. Check 'Protocol", "Port" and ListenAddress" in man
sshd_config.
--
Stephen Carville <stephen at totalflood.com>
Unix and Network Admin
Nationwide Totalflood
6033 W. Century Blvd
Los Angeles, CA 90045
310-342-3602
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
www.preferredcare.org
"An Outstanding Member Experience," Preferred Care HMO Plans -- J. D.
Power and Associates
Confidentiality Notice:
The information contained in this electronic message is intended for the
exclusive use of the individual or entity named above and may contain
privileged or confidential information. If the reader of this message
is not the intended recipient or the employee or agent responsible to
deliver it to the intended recipient, you are hereby notified that
dissemination, distribution or copying of this information is
prohibited. If you have received this communication in error, please
notify the sender immediately by telephone and destroy the copies you
received.
------------------------------
Message: 3
Date: Sat, 7 Jan 2006 15:58:22 -0500
From: "Michael D. Berger" <m.d.berger at ieee.org>
Subject: RE: is this an intruder?
To: "'General Red Hat Linux discussion list'" <redhat-list at redhat.com>
Message-ID: <000001c613cd$18ebae40$2801a8c0 at MBRC40>
Content-Type: text/plain; charset="us-ascii"
What about protocol 2 RSA PubkeyAuthentication? Doesn't this
provide enough protection so that the selection of users and
groups is not important?
Mike.
--
Michael D. Berger
m.d.berger at ieee.org
> -----Original Message-----
> From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Bliss, Aaron
> Sent: Saturday, January 07, 2006 2:25 PM
> To: 'Stephen Carville'; General Red Hat Linux discussion list
> Subject: RE: is this an intruder?
>
>
> I would be careful of using the wheel group to allow ssh
> logins, as admins
> typically use this group in sudoers file to grant root access
> for non-root
> users; granting the wheel group ssh logins as well as root access is
> essentially allowing root access over ssh anyway; although an outside
> attacker would at least have to guess the non-root user's id
> and password.
>
> -----Original Message-----
> From: Stephen Carville [mailto:stephen at totalflood.com]
> Sent: Saturday, January 07, 2006 9:40 AM
> To: General Red Hat Linux discussion list
> Subject: Re: is this an intruder?
>
> Marty Landman wrote:
>
> > Not sure if I'm reading this right as this is new to me but
> it appears
> > someone in Denmark spent about 10 minutes trying a variety
> of userid's
> > to start an ssh session on my network gateway.
>
> Yep! If you do not need ssh, your best defense is to disable it.
>
> Otherwise.
>
> Turn off root login and designate a group for oter ssh
> logins. At home
> I just use "wheel."
>
> in /etc/ssh/sshd_config
>
> PermitRootLogin no
> AllowGroups wheel
>
> Restart sshd
>
> Put you and anyone else who must have ssh access in the group wheel.
> Make sure they have good passwords.
>
> Other possible changes are to only allow ssh protocol 2 and to change
> the external port. Check 'Protocol", "Port" and
> ListenAddress" in man
> sshd_config.
>
> --
> Stephen Carville <stephen at totalflood.com>
> Unix and Network Admin
> Nationwide Totalflood
> 6033 W. Century Blvd
> Los Angeles, CA 90045
> 310-342-3602
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
>
> www.preferredcare.org
> "An Outstanding Member Experience," Preferred Care HMO Plans
> -- J. D. Power and Associates
>
> Confidentiality Notice:
> The information contained in this electronic message is
> intended for the exclusive use of the individual or entity
> named above and may contain privileged or confidential
> information. If the reader of this message is not the
> intended recipient or the employee or agent responsible to
> deliver it to the intended recipient, you are hereby notified
> that dissemination, distribution or copying of this
> information is prohibited. If you have received this
> communication in error, please notify the sender immediately
> by telephone and destroy the copies you received.
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
------------------------------
Message: 4
Date: Sat, 7 Jan 2006 13:18:52 -0800
From: "Allen K. Smith" <lazlor at bigboy.lotaris.org>
Subject: Re: encrypt password for Kickstart
To: General Red Hat Linux discussion list <redhat-list at redhat.com>
Message-ID: <3274F295-E6CD-48D9-B6FD-122CCB1D83DB at bigboy.lotaris.org>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
openssl passwd -1
On Jan 7, 2006, at 10:35 AM, Kipp, Jim wrote:
> Hi
> I am preparing a kickstart cfg file for RHEL4. I would like to
> encrypt
> the root password using md5.
>
> "rootpw --iscrypted xxxxxxxxxxxxxx"
>
> What is the recommended method for creating the MD5 hash to use in the
> above line in the cfg file?
>
> I checked the RH docs for kickstart but did not find anything
> pertaining
> to this.
>
> Thanks for any suggestions.
>
> Jim
>
>
>
>
>
>
>
>
>
> **********************************************************************
> *******
> This email may contain confidential or privileged information. If
> you believe
> you have received the message in error, please notify the sender
> and delete
> the message without copying or disclosing it.
> **********************************************************************
> *******
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
------------------------------
Message: 5
Date: Sat, 7 Jan 2006 19:41:40 -0500
From: "Kipp, Jim" <jkipp at ingdirect.com>
Subject: RE: encrypt password for Kickstart
To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
Message-ID:
<EC741B54812B5940AC1A6EFDFD011D0F0134BDF3 at ingdexj1.ingdirect.com>
Content-Type: text/plain; charset="iso-8859-1"
Thanks, did find this on google. sorry for the wasted question
________________________________
From: redhat-list-bounces at redhat.com on behalf of Allen K. Smith
Sent: Sat 1/7/2006 4:18 PM
To: General Red Hat Linux discussion list
Subject: Re: encrypt password for Kickstart
openssl passwd -1
On Jan 7, 2006, at 10:35 AM, Kipp, Jim wrote:
> Hi
> I am preparing a kickstart cfg file for RHEL4. I would like to
> encrypt
> the root password using md5.
>
> "rootpw --iscrypted xxxxxxxxxxxxxx"
>
> What is the recommended method for creating the MD5 hash to use in the
> above line in the cfg file?
>
> I checked the RH docs for kickstart but did not find anything
> pertaining
> to this.
>
> Thanks for any suggestions.
>
> Jim
>
>
>
************************************************************************
*****
This email may contain confidential or privileged information. If you
believe
you have received the message in error, please notify the sender and
delete
the message without copying or disclosing it.
************************************************************************
*****
------------------------------
Message: 6
Date: Mon, 9 Jan 2006 02:38:16 +1030
From: Malcolm Kay <malcolm.kay at internode.on.net>
Subject: Re: is this an intruder?
To: redhat-list at redhat.com
Cc: "Bliss, Aaron" <ABliss at preferredcare.org>
Message-ID: <200601090238.16300.malcolm.kay at internode.on.net>
Content-Type: text/plain; charset="iso-8859-1"
On Sun, 8 Jan 2006 05:55 am, Bliss, Aaron wrote:
> I would be careful of using the wheel group to allow ssh
> logins, as admins typically use this group in sudoers file to
> grant root access for non-root users; granting the wheel group
> ssh logins as well as root access is essentially allowing root
> access over ssh anyway; although an outside attacker would at
> least have to guess the non-root user's id and password.
>
> -----Original Message-----
> From: Stephen Carville [mailto:stephen at totalflood.com]
> Sent: Saturday, January 07, 2006 9:40 AM
> To: General Red Hat Linux discussion list
> Subject: Re: is this an intruder?
>
> Marty Landman wrote:
> > Not sure if I'm reading this right as this is new to me but
> > it appears someone in Denmark spent about 10 minutes trying
> > a variety of userid's to start an ssh session on my network
> > gateway.
>
> Yep! If you do not need ssh, your best defense is to disable
> it.
>
> Otherwise.
>
> Turn off root login and designate a group for oter ssh logins.
> At home I just use "wheel."
>
This sounds dangerous -- wheel is normally an alternative to the
root group introduced for compatibility with some forms of BSD
where it is the base privileged group.
Malcolm Kay
> in /etc/ssh/sshd_config
>
> PermitRootLogin no
> AllowGroups wheel
>
> Restart sshd
>
> Put you and anyone else who must have ssh access in the group
> wheel. Make sure they have good passwords.
>
> Other possible changes are to only allow ssh protocol 2 and to
> change the external port. Check 'Protocol", "Port" and
> ListenAddress" in man sshd_config.
>
------------------------------
__
redhat-list mailing list
Unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
End of redhat-list Digest, Vol 23, Issue 9
******************************************
Peter Baron
Senior UNIX Administrator
InterDigital Communications Corporation
2 Huntington Quadrangle
4th Floor, South Wing
Melville, NY 11747-4508
Tel.: +1 631.622.4295
Fax: +1 631.622.0101
Email: Peter.Baron at InterDigital.com
http://www.InterDigital.com
This e-mail is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and/or otherwise protected from disclosure to anyone other than its intended recipient. Unintended transmission shall not constitute waiver of any privilege or confidentiality obligation. If you received this communication in error, please do not review, copy or distribute it, notify me immediately by email, and delete the original message and any attachments. Unless expressly stated in this e-mail, nothing in this message or any attachment should be construed as a digital or electronic signature.
More information about the redhat-list
mailing list