[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4668: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3815)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4670: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3815)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4671: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3815)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4672: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3815)
Void's Forums • View topic - SSH Tunnels?

SSH Tunnels?

Place to discuss Fedora and/or Red Hat

SSH Tunnels?

Postby ZiaTioN » Tue May 10, 2005 10:19 pm

ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Postby Void Main » Wed May 11, 2005 7:51 am

User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA

Postby ZiaTioN » Wed May 11, 2005 9:18 am

ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Postby ZiaTioN » Thu May 12, 2005 1:13 am

ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Postby Void Main » Thu May 12, 2005 6:33 am

User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA

Postby ZiaTioN » Thu May 12, 2005 10:31 am

ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Postby Void Main » Thu May 12, 2005 10:42 am

User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA

Postby ZiaTioN » Thu May 12, 2005 11:45 am

ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Postby Tux » Thu May 12, 2005 12:02 pm

No, anyone with the key can log in. The shared key is your authentication.
Tux
guru
guru
 
Posts: 689
Joined: Wed Jan 08, 2003 10:40 am

Postby Void Main » Thu May 12, 2005 2:49 pm

The password that you are scripting in is the password to log in to host to set up the tunnel correct? You can use a key rather than a password for this, and this is only for setting up the tunnel. Once the tunnel is set up there is no difference whether you used a password or a key to access the server to set up the tunnel in the first place. As long as you keep your private key private (stays in your ~/.ssh directory on the client) then things are more secure than using passwords actually. In fact if anyone other than you (and root) have access to your private key ssh will not use it because it can't be trusted and it will prompt you for a password.

Now, you need to make sure you take caution to restrict access to the port that is forwarded and the server on the other end of it just as you would had you had direct access to it (restrict access to specific hosts/networks and have good passwords). You could also use a key rather than password for logins over the forwarded port if you wanted. I used keys on everything. Very rarely do I type in a password to get to other servers. Like Tux said, if your private key doesn't match the public key that you put in your autorized_keys file on the remote end then you ain't getting in, which also means no one else is getting in without a password because they better not have your private key. The important thing is to keep your private key private as always. Think of it as your private key IS your password.
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA

Postby ZiaTioN » Thu May 12, 2005 8:14 pm

I had a chance to check this out and it is much simpler then using the script. Although it was a fun exercixe writing the script it is simply better to use the key. I was only worried that once the session/tunnel was setup between the two machines using a key that it was an open pipe for outside connections to walk through. I was just not thinking about the similarities of establishing a tunnel with a pass as aposed to a key. Establishing a tunnel with a password does not leave a wide open pipe for outside connections to walk through therefore why would a tunnel authed by a key do any different.

You know though it would have been nice of you to suggest this BEFORE I wrote the expect script! :lol:
ZiaTioN
administrator
administrator
 
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Postby Void Main » Thu May 12, 2005 8:52 pm

You learn more by doing things the hard way first. I'm just helping out. :)
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA


Return to Fedora/Red Hat

Who is online

Users browsing this forum: No registered users and 1 guest

cron