[H-SASIG] Proposed changes to Excalibur
Robert Brockway
robert at timetraveller.org
Thu Dec 3 01:14:41 EST 2009
On Mon, 30 Nov 2009, Russell Stuart wrote:
> 2. Ssh port
>
> The only service that runs on the OSDC that clashes with the current
> Excalibur is sshd. The easy fix for this is to move it to a different
> port. This is actually a good thing to do in itself for security
> reasons. I am planning to move the the current Excalibur sshd to port
Hi Stuart. I disagree that it is a security advantage but that's an
aside...
I couldn't help myself, I had to say it :)
> 24 next weekend. Thus, assuming there aren't howls of protest here, you
> will need a "ssh -p 24" to connected to Excalibur as of next weekend.
> Also notice this won't work from within a Humbug meeting.
We could buy an additional IP on the Linode for $1/month and bind the
humbug sshd to the 2nd interface, thus allowing continued use of tcp/22.
Not being able to ssh to excalibur directly from the meeting room sounds
problematic.
On the topic of servers...
With respect to the work already carried out, the chroot seems like an
inelegent solution to me, requiring hacked startup scripts, etc. This
sort of things costs resources (time) and isn't easy to maintain in the
long term. I know this is only meant to be a temporary solution but how
many of those last years?
Linux Australia was apparently in a position to provide a virtual system
to LUGs. Did anyone approach them?
Russell you suggested some cheaper providers on IRC one day. Perhaps one
of them would be a good option.
My 2c.
Cheers,
Rob
--
I tried to change the world but they had a no-return policy
http://www.practicalsysadmin.com
More information about the Sasig
mailing list