03-05-2002
You can still use the OpenBSD platform as a firewall... IP forwarding does not preclude the use of forwarding... and in fact, most firewalls have IP forwarding enabled (and they do packet filtering). Application proxy services are useful, but for doing client-server SSH... opening up a port for SSH is a good idea. Just keep the rest closed, if that is what you want.
8 More Discussions You Might Find Interesting
1. IP Networking
Hello,
I have an UTM that has 4 ports. I was bridged two ports of it. my pc wired to one port and other one to network. Now I can ping my default gateway but it doesn't work(I haven't access to internet) even http of gateway, what happened? what route I should added?
Thanks in advance.:confused: (0 Replies)
Discussion started by: Zaxon
0 Replies
2. HP-UX
userA and userB are two non-root accounts on HP-UX box. userA creates ssh tunnel (local forward) to some different host. Will userB be able to use that tunnel? What about remote forward? If not, what OS mechanism will prevent it from happening? Unfortunately I am unable to create this setup at this... (0 Replies)
Discussion started by: vkleban
0 Replies
3. Solaris
Hello all,
I was trying to hooking up several computers into my openindiana server box, the server box has few RJ45 gigabit ethernet. The desired hierarchy of the network will be shown as on the picture attached. I would like to connect each host into my gigabit ethernet because of me and my... (2 Replies)
Discussion started by: enno
2 Replies
4. IP Networking
Well I cannot be too certain of the setup, since it's a stock firmware, but I have a cheap Belkin wireless-n router and wanted to get some ideas of what may be going on while I've a few moments to ramble on about my problems... I requested the GPL source so I've just been pondering while waiting to... (0 Replies)
Discussion started by: neutronscott
0 Replies
5. IP Networking
Hello.
Our Company is spreaded over Germany.
There are main offices an branch offices.
These offices are mostly connecte via multiple sdsl.
We build a IPSEC VPN Infrastructure using Aastaro Security Gateways appliances.
It seemed that only one VPN Connetion between to offices could be... (0 Replies)
Discussion started by: mschwadorf
0 Replies
6. Shell Programming and Scripting
I have write a script which contains
ssh -p 12345 dcplatform@10.125.42.50
ssh 127.0.0.1 -p 5555 "$CMD"
ssh root@$GUEST_IP "$CMD"
before I use public key, it works well, now I want to change to "expect", BUT I don't want to change above code and "parameter position"
I can post a... (1 Reply)
Discussion started by: yanglei_fage
1 Replies
7. UNIX for Beginners Questions & Answers
Hi,
I want to validate ssh connection one after one for multiple servers..... password less keys already setup but now i want to validate if ssh is working fine or not...
I have .sh script like below and i have servers.txt contains all the list of servers
#/bin/bash
for host in $(cat... (3 Replies)
Discussion started by: sreeram4
3 Replies
8. Programming
Hi! I would like to start creating a bridge for good old Unix talk program. This bridge would allow you to joinIRC-channel by using talk just for example. I have a couple of questions:
1. Are there any previous attempts or implementations creating Talk bridge?
2. Which version of the talk... (9 Replies)
Discussion started by: homebeach
9 Replies
LEARN ABOUT REDHAT
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for hostbased authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during hostbased authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the the global client configuration file /etc/ssh/ssh_config by setting
HostbasedAuthentication to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about hostbased authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if hostbased
authentication is used.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
AUTHORS
Markus Friedl <markus@openbsd.org>
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
BSD
May 24, 2002 BSD