RE: Remote server warnings
might be good to make sure you can actually ssh into the box before you move it, make sure root logins are not permitted in sshd_config, make sure the daily reports will be emailed to you -- John Brooks [EMAIL PROTECTED] I'm going to be moving my server to a remote site, where I'll only be able to ssh to it for any kind of service. It has been local, hooked up via a KVM switch, so it will be a new setup for me. What sorts of problems should I keep an eye out for? What kind of setup should I have? I've turned on ssh. What else should I do? How hard will it be to update my system remotely? Thanks in advance for any help you can provide. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Remote server warnings
John Brooks wrote: might be good to make sure you can actually ssh into the box before you move it, Thanks for the quick response. I've done this - in fact, I'm updateing to 4.10 as we speak via SSH with my box still local. make sure root logins are not permitted in sshd_config, If I do this, how do I do root stuff? Login as myself and use su? make sure the daily reports will be emailed to you Ahh, good idea. -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Daemon Dancing in the Dark, a FreeBSD weblog: http://freebsd.amazingdev.com/blog/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Remote server warnings
Jonathan Arnold wrote: I'm going to be moving my server to a remote site, where I'll only be able to ssh to it for any kind of service. It has been local, hooked up via a KVM switch, so it will be a new setup for me. What sorts of problems should I keep an eye out for? What kind of setup should I have? I've turned on ssh. What else should I do? How hard will it be to update my system remotely? Thanks in advance for any help you can provide. Use rsa/dsa keys and disable password auth in sshd_config. You can generally do port upgrades via ssh without issue. Obviously you have to be careful when performing major updates like `make world` where it's usually recommended that you drop to single-user mode before installing world. Some folks claim they do the whole make world dance by remote and just don't reboot or drop to single-user mode. Personally, I'd never do this on a production box but I recall some good discussion on this list a few months ago about this very topic. Check the archives if you're interested. G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Remote server warnings
for security reasons, remote root logins are a bad thing. log in as yourself, then su to root. make sure you are a member of the 'wheel' group. -- John Brooks [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jonathan Arnold Sent: Thursday, June 16, 2005 8:51 AM To: freebsd-questions@freebsd.org Subject: Re: Remote server warnings John Brooks wrote: might be good to make sure you can actually ssh into the box before you move it, Thanks for the quick response. I've done this - in fact, I'm updateing to 4.10 as we speak via SSH with my box still local. make sure root logins are not permitted in sshd_config, If I do this, how do I do root stuff? Login as myself and use su? make sure the daily reports will be emailed to you Ahh, good idea. -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Daemon Dancing in the Dark, a FreeBSD weblog: http://freebsd.amazingdev.com/blog/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Remote server warnings
On June 16, 2005 10:02 am, Greg Maruszeczka wrote: Jonathan Arnold wrote: I'm going to be moving my server to a remote site, where I'll only be able to ssh to it for any kind of service. It has been local, hooked up via a KVM switch, so it will be a new setup for me. What sorts of problems should I keep an eye out for? What kind of setup should I have? I've turned on ssh. What else should I do? How hard will it be to update my system remotely? Thanks in advance for any help you can provide. If you can, switch the console to a serial port and connect a null modem cable between the serial port of your system and some other system that you have at least user level access to at the remote site. That way you can get to the console in the event of problems. Use rsa/dsa keys and disable password auth in sshd_config. You can generally do port upgrades via ssh without issue. Obviously you have to be careful when performing major updates like `make world` where it's usually recommended that you drop to single-user mode before installing world. Some folks claim they do the whole make world dance by remote and just don't reboot or drop to single-user mode. Personally, I'd never do this on a production box but I recall some good discussion on this list a few months ago about this very topic. Check the archives if you're interested. G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Ean Kingston E-Mail: ean AT hedron DOT org URL: http://www.hedron.org/ I am currently looking for work. If you need competent system/network administration please feel free to contact me directly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
