Re: [PLUG] Reverse SSH tunnel
The ozone machines I worked on did exactly that, the PLC in the machine would set up a SSH connection to the host end. From that point on, there was a pipe between the remote device and the host end. As far as I know there were not issues with it as far as cracking or intercepting it. The host end was a Linux machine. I can not remember all of the bits and pieces but do rememeber that was how the machines were linked to the host. On Fri, Mar 3, 2017 at 5:03 PM, VY wrote: > Thanks for the reply, I am now much more comfortable with this solution > > -v > > > On Fri, Mar 3, 2017 at 2:28 PM, chris (fool) mccraw > wrote: > > > I too have never heard of any problem with this setup (which I've also > used > > with success, including the autossh part). Would be curious to know if > > anyone has substantive issues they can point to rather than scuttlebutt! > > > > On Fri, Mar 3, 2017 at 1:10 PM, Tom > wrote: > > > > > Reverse ssh tunnel is secure solution, if configured properly and using > > > robust keys, access control and strong password. It keeps control over > > > the connection with the connecting user/site as it should be in normal > > > customer/supplier relationship. > > > I do not want to speculate about what you've heard. If you were not > > > told why/what the problem is, I would do due diligence on the ssh side > > > (patching CVE reviews, access logs, configuration, best practices, key > > > rotation, etc.), formally request details from the person making the > > > security issue claim. If the outcome is not negative for the existing > > > ssh proxy/tunnel a measured by data, not by fear, and there are not > > > other considerations against it (such as maintainability, existing VPN > > > infrastructure, etc.), I would recommend keeping it. > > > There are many FUD type claims against openSSH, openSSL, > > > insertYourFavouriteProtocolHere based on past issues in favor of other > > > closed, small, not well maintained/updated alternatives. Despite the > > > bad press/performance in the past, Network Time Protocol, OpenSSH and > > > OpenSSL are Linux Foundation Core Infrastructure Projects for a while - > > > with significant quantitative quality and funding improvements, reviews > > > and full disclosures in the open. > > > I hope it helps, Tomas > > > On Fri, 2017-03-03 at 09:13 -0800, VY wrote: > > > > Unfortunately, I have no access to that person anymore. > > > > > > > > Based on your experience, there were no issues that you have run into > > > > with > > > > such deployment? > > > > > > > > -v > > > > > > > > > > > > On Fri, Mar 3, 2017 at 9:07 AM, Robert Citek > > > > > wrote: > > > > > > > > > I would ask the person who told you that this is not secure to > > > > > elaborate. > > > > > I have worked with a number of companies that do this. So I am as > > > > > curious > > > > > as you are. > > > > > > > > > > Regards, > > > > > - Robert > > > > > > > > > > On Fri, Mar 3, 2017 at 9:01 AM VY wrote: > > > > > > > > > > > Dear All: > > > > > > > > > > > > I am supporting a client that has product linux PCs running in > > > > > > the field. > > > > > > The person before me has built a reverse SSH tunnel (connection > > > > > > initiated > > > > > > by the device itself back to us and the connection is monitored > > > > > > by > > > > > > autossh). > > > > > > > > > > > > I was told this is not secure. I am no expert in security. > > > > > > What are > > > > > the > > > > > > possible issues with this approach? And what would be a more > > > > > > secure > > > > > > mechanism than reverse SSH? > > > > > > > > > > > > thanks > > > > > > > > > > > > -v > > > > > > ___ > > > > > > PLUG mailing list > > > > > > PLUG@lists.pdxlinux.org > > > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > > > > > ___ > > > > > PLUG mailing list > > > > > PLUG@lists.pdxlinux.org > > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > > > ___ > > > > PLUG mailing list > > > > PLUG@lists.pdxlinux.org > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > ___ > > > PLUG mailing list > > > PLUG@lists.pdxlinux.org > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > ___ > > PLUG mailing list > > PLUG@lists.pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > -- Chuck Hast -- KP4DJT -- Glass, five thousand years of history and getting better. The only container material that the USDA gives blanket approval on. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Reverse SSH tunnel
Thanks for the reply, I am now much more comfortable with this solution -v On Fri, Mar 3, 2017 at 2:28 PM, chris (fool) mccraw wrote: > I too have never heard of any problem with this setup (which I've also used > with success, including the autossh part). Would be curious to know if > anyone has substantive issues they can point to rather than scuttlebutt! > > On Fri, Mar 3, 2017 at 1:10 PM, Tom wrote: > > > Reverse ssh tunnel is secure solution, if configured properly and using > > robust keys, access control and strong password. It keeps control over > > the connection with the connecting user/site as it should be in normal > > customer/supplier relationship. > > I do not want to speculate about what you've heard. If you were not > > told why/what the problem is, I would do due diligence on the ssh side > > (patching CVE reviews, access logs, configuration, best practices, key > > rotation, etc.), formally request details from the person making the > > security issue claim. If the outcome is not negative for the existing > > ssh proxy/tunnel a measured by data, not by fear, and there are not > > other considerations against it (such as maintainability, existing VPN > > infrastructure, etc.), I would recommend keeping it. > > There are many FUD type claims against openSSH, openSSL, > > insertYourFavouriteProtocolHere based on past issues in favor of other > > closed, small, not well maintained/updated alternatives. Despite the > > bad press/performance in the past, Network Time Protocol, OpenSSH and > > OpenSSL are Linux Foundation Core Infrastructure Projects for a while - > > with significant quantitative quality and funding improvements, reviews > > and full disclosures in the open. > > I hope it helps, Tomas > > On Fri, 2017-03-03 at 09:13 -0800, VY wrote: > > > Unfortunately, I have no access to that person anymore. > > > > > > Based on your experience, there were no issues that you have run into > > > with > > > such deployment? > > > > > > -v > > > > > > > > > On Fri, Mar 3, 2017 at 9:07 AM, Robert Citek > > > wrote: > > > > > > > I would ask the person who told you that this is not secure to > > > > elaborate. > > > > I have worked with a number of companies that do this. So I am as > > > > curious > > > > as you are. > > > > > > > > Regards, > > > > - Robert > > > > > > > > On Fri, Mar 3, 2017 at 9:01 AM VY wrote: > > > > > > > > > Dear All: > > > > > > > > > > I am supporting a client that has product linux PCs running in > > > > > the field. > > > > > The person before me has built a reverse SSH tunnel (connection > > > > > initiated > > > > > by the device itself back to us and the connection is monitored > > > > > by > > > > > autossh). > > > > > > > > > > I was told this is not secure. I am no expert in security. > > > > > What are > > > > the > > > > > possible issues with this approach? And what would be a more > > > > > secure > > > > > mechanism than reverse SSH? > > > > > > > > > > thanks > > > > > > > > > > -v > > > > > ___ > > > > > PLUG mailing list > > > > > PLUG@lists.pdxlinux.org > > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > > > ___ > > > > PLUG mailing list > > > > PLUG@lists.pdxlinux.org > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > ___ > > > PLUG mailing list > > > PLUG@lists.pdxlinux.org > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > ___ > > PLUG mailing list > > PLUG@lists.pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Reverse SSH tunnel
I too have never heard of any problem with this setup (which I've also used with success, including the autossh part). Would be curious to know if anyone has substantive issues they can point to rather than scuttlebutt! On Fri, Mar 3, 2017 at 1:10 PM, Tom wrote: > Reverse ssh tunnel is secure solution, if configured properly and using > robust keys, access control and strong password. It keeps control over > the connection with the connecting user/site as it should be in normal > customer/supplier relationship. > I do not want to speculate about what you've heard. If you were not > told why/what the problem is, I would do due diligence on the ssh side > (patching CVE reviews, access logs, configuration, best practices, key > rotation, etc.), formally request details from the person making the > security issue claim. If the outcome is not negative for the existing > ssh proxy/tunnel a measured by data, not by fear, and there are not > other considerations against it (such as maintainability, existing VPN > infrastructure, etc.), I would recommend keeping it. > There are many FUD type claims against openSSH, openSSL, > insertYourFavouriteProtocolHere based on past issues in favor of other > closed, small, not well maintained/updated alternatives. Despite the > bad press/performance in the past, Network Time Protocol, OpenSSH and > OpenSSL are Linux Foundation Core Infrastructure Projects for a while - > with significant quantitative quality and funding improvements, reviews > and full disclosures in the open. > I hope it helps, Tomas > On Fri, 2017-03-03 at 09:13 -0800, VY wrote: > > Unfortunately, I have no access to that person anymore. > > > > Based on your experience, there were no issues that you have run into > > with > > such deployment? > > > > -v > > > > > > On Fri, Mar 3, 2017 at 9:07 AM, Robert Citek > > wrote: > > > > > I would ask the person who told you that this is not secure to > > > elaborate. > > > I have worked with a number of companies that do this. So I am as > > > curious > > > as you are. > > > > > > Regards, > > > - Robert > > > > > > On Fri, Mar 3, 2017 at 9:01 AM VY wrote: > > > > > > > Dear All: > > > > > > > > I am supporting a client that has product linux PCs running in > > > > the field. > > > > The person before me has built a reverse SSH tunnel (connection > > > > initiated > > > > by the device itself back to us and the connection is monitored > > > > by > > > > autossh). > > > > > > > > I was told this is not secure. I am no expert in security. > > > > What are > > > the > > > > possible issues with this approach? And what would be a more > > > > secure > > > > mechanism than reverse SSH? > > > > > > > > thanks > > > > > > > > -v > > > > ___ > > > > PLUG mailing list > > > > PLUG@lists.pdxlinux.org > > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > ___ > > > PLUG mailing list > > > PLUG@lists.pdxlinux.org > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > ___ > > PLUG mailing list > > PLUG@lists.pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Reverse SSH tunnel
Reverse ssh tunnel is secure solution, if configured properly and using robust keys, access control and strong password. It keeps control over the connection with the connecting user/site as it should be in normal customer/supplier relationship. I do not want to speculate about what you've heard. If you were not told why/what the problem is, I would do due diligence on the ssh side (patching CVE reviews, access logs, configuration, best practices, key rotation, etc.), formally request details from the person making the security issue claim. If the outcome is not negative for the existing ssh proxy/tunnel a measured by data, not by fear, and there are not other considerations against it (such as maintainability, existing VPN infrastructure, etc.), I would recommend keeping it. There are many FUD type claims against openSSH, openSSL, insertYourFavouriteProtocolHere based on past issues in favor of other closed, small, not well maintained/updated alternatives. Despite the bad press/performance in the past, Network Time Protocol, OpenSSH and OpenSSL are Linux Foundation Core Infrastructure Projects for a while - with significant quantitative quality and funding improvements, reviews and full disclosures in the open. I hope it helps, Tomas On Fri, 2017-03-03 at 09:13 -0800, VY wrote: > Unfortunately, I have no access to that person anymore. > > Based on your experience, there were no issues that you have run into > with > such deployment? > > -v > > > On Fri, Mar 3, 2017 at 9:07 AM, Robert Citek > wrote: > > > I would ask the person who told you that this is not secure to > > elaborate. > > I have worked with a number of companies that do this. So I am as > > curious > > as you are. > > > > Regards, > > - Robert > > > > On Fri, Mar 3, 2017 at 9:01 AM VY wrote: > > > > > Dear All: > > > > > > I am supporting a client that has product linux PCs running in > > > the field. > > > The person before me has built a reverse SSH tunnel (connection > > > initiated > > > by the device itself back to us and the connection is monitored > > > by > > > autossh). > > > > > > I was told this is not secure. I am no expert in security. > > > What are > > the > > > possible issues with this approach? And what would be a more > > > secure > > > mechanism than reverse SSH? > > > > > > thanks > > > > > > -v > > > ___ > > > PLUG mailing list > > > PLUG@lists.pdxlinux.org > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > ___ > > PLUG mailing list > > PLUG@lists.pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images [FIXED]
On Thu, 2 Mar 2017, Rich Shepard wrote: > Starting yesterday morning firefox-45.7.0 did not display images on > certain web pages, Well, I rebuilt the appearance and bookmarks from scratch. Will never know what broke, but at least it now works. I learned, too, that the 'classic' appearance (e.g., text rather than pictures for those of us who can read) are no longer supported; they'll be totally gone in firefox-57 this coming autumn. That's too bad, IMO. Ah, well. Thanks to all who offered help, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, 3 Mar 2017, Rich Shepard wrote: > I guess now my task is to disable individual add-ons and see which one > broke. Now I have a plan ... Now I would appreciate suggestions for restoring firefox as it was before. What I did: 1. mv ~/.mozilla to ~/.backup.mozilla 2. start a new firefox and check a couple of web sites. 3. rm -rf ~/.mozilla 4. mv ~/.backup.mozilla ~/.mozilla What I see now is a fresh firefox with no settings that were present in the original display/ 5. Copied ~/.mozilla from the 14 February 2017 backup; this was when it was all working. But, I still get a brand-new firefox that does not seem to find the contents of ~/.mozilla: extensions/ firefox/ mozver.dat plugins/. The firefox/ subdirectory has the old contents: 83alcj6t.default/ Crash Reports/ n2x90tve.default/ profiles.ini. And the 83alcj65.defaults/ subdirectory has all the bookmarks, display setup, etc. What might I have done incorrectly that the contents of ~/.mozilla appear to not be seen and used? Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, 3 Mar 2017, Don Buchholz wrote: > May you've got some settings/preferences or add-ins tweaked ... Don, Well, they were not deliberately tweaked by me. But, a clean firefox displays correctly. I don't think it was a settings difference; at least, there was no setting I changed Tuesday or Wednesday. I guess now my task is to disable individual add-ons and see which one broke. Now I have a plan ... Thanks very much, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, 3 Mar 2017, Bill Barry wrote: > There used to be a Refresh Firefox feature that resets the preferences to > default levels and does some other cleanup. Bill, I've tried a bunch of things, but none explain why some sites are completely uneffected, some completely affected, and some partially affected. This makes it really difficult to diagnose. And, this started only at the first of March; never happened before. (NB: the ides of March aren't until the 15th). Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
May you've got some settings/preferences or add-ins tweaked ... 1) Close Firefox (and check process table to make sure nothing is still lingering). 2) Rename your $HOME/.mozilla to something like $HOME/.OFF.mozilla. 3) Make sure there is no $HOME/.firefox folder ... if there is, rename it too. ... just a shot in the dark. - Don From: plug-boun...@lists.pdxlinux.org on behalf of Rich Shepard Sent: Friday, March 3, 2017 7:35:52 AM To: Portland Linux/Unix Group Subject: Re: [PLUG] Web browsers not displaying images On Thu, 2 Mar 2017, Rich Shepard wrote: > This morning I tested these sites from a different host and they all > displayed and worked as expected. So the problem is on my desktop > server/workstation. > I rebooted the system but this does not fix the problem. I'm at a loss > where to look for the source of this new issue as I've not before > encountered anything like it. Today I re-installed firefox-45.7.0 but this made no difference. I'm looking for suggestions for where to look for this problem. It's not consistent (for example, some images on bbc.com and reuters.com display, some do not; all images on other news sites display, none display on other news sites) and affects only this desktop. Since rebooting the system and re-installing firefox did not fix the problem where else should I look? Puzzled, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, 3 Mar 2017, Dick Steffens wrote: > Have you looked at the page source to see if it reveals anything? Dick, I see nothing informative there. But, it gave me an idea: perhaps it's because I use adblock-plus. So, I turned it off for that site and sure enough -- the ads were not visible either. :-) Turned on adblock-plus because that's not the issue. Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, Mar 3, 2017 at 9:33 AM, Rich Shepard wrote: > On Fri, 3 Mar 2017, Bill Barry wrote: > >> Did you try Ctrl-Shift-R on the page in question. This loads a completely >> new page, bypassing the cache. > > Bill, > >Just tried this but there's no difference. This is quite a challenge, and > frustrating, too. > >Keep the suggestions coming! > There used to be a Refresh Firefox feature that resets the preferences to default levels and does some other cleanup. I don't see it in my current version, but you might still have it. https://support.mozilla.org/t5/Procedures-to-diagnose-and-fix/Reset-Firefox-preferences-to-troubleshoot-and-fix-problems/ta-p/1340 There is also the choice of restarting Firefox with Add-Ons disabled which you can get to by going to the url about:support . This might or might not apply to you. Bill ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On 03/03/2017 09:33 AM, Rich Shepard wrote: > On Fri, 3 Mar 2017, Bill Barry wrote: > >> Did you try Ctrl-Shift-R on the page in question. This loads a completely >> new page, bypassing the cache. > Bill, > > Just tried this but there's no difference. This is quite a challenge, and > frustrating, too. > > Keep the suggestions coming! Have you looked at the page source to see if it reveals anything? In my version of Firefox [51.0.5 (64 bit) Mozilla Firefox for Ubuntu] it's under Tools > Web Developer, or you can get it with U. -- Regards, Dick Steffens ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, 3 Mar 2017, Bill Barry wrote: > Did you try Ctrl-Shift-R on the page in question. This loads a completely > new page, bypassing the cache. Bill, Just tried this but there's no difference. This is quite a challenge, and frustrating, too. Keep the suggestions coming! Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Reverse SSH tunnel
None. But then maybe we do and don't know it. When I set up a reverse tunnel, I take a number of precautions. I use large ssh-keys and strong ciphers/MACs. The jump box has limited access and capabilities. The target account on the jump box is locked down (i.e. ssh-key access only, incoming only from source system IP, password is random and unknown, etc.). To access the source system, you first have to log in to the jump box with your account (again, ssh-key only, unknown-random password,etc.) Finally, you need an account on the source system. That's the simple setup. You can get more fancy with Multi-Factor Authentication, IDS, non-obvious ports, port-knocking, etc. Hack proof? No, as nothing ever is. But the probability is pretty small. If there's a weakness, my guess would be that it's not with the reverse tunnel, the source system, or the jump box, but with whatever system you use to access those. There are easier ways to access the source system than trying to crack into an ssh system: https://xkcd.com/538/ Good luck and let us know what you discover. Regards, - Robert On Fri, Mar 3, 2017 at 9:13 AM, VY wrote: > Unfortunately, I have no access to that person anymore. > > Based on your experience, there were no issues that you have run into with > such deployment? > > -v > > > On Fri, Mar 3, 2017 at 9:07 AM, Robert Citek wrote: > >> I would ask the person who told you that this is not secure to elaborate. >> I have worked with a number of companies that do this. So I am as curious >> as you are. >> >> Regards, >> - Robert >> >> On Fri, Mar 3, 2017 at 9:01 AM VY wrote: >> >> > Dear All: >> > >> > I am supporting a client that has product linux PCs running in the field. >> > The person before me has built a reverse SSH tunnel (connection initiated >> > by the device itself back to us and the connection is monitored by >> > autossh). >> > >> > I was told this is not secure. I am no expert in security. What are >> the >> > possible issues with this approach? And what would be a more secure >> > mechanism than reverse SSH? >> > >> > thanks >> > >> > -v >> > ___ >> > PLUG mailing list >> > PLUG@lists.pdxlinux.org >> > http://lists.pdxlinux.org/mailman/listinfo/plug >> > >> ___ >> PLUG mailing list >> PLUG@lists.pdxlinux.org >> http://lists.pdxlinux.org/mailman/listinfo/plug >> > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, Mar 3, 2017 at 7:35 AM, Rich Shepard wrote: > On Thu, 2 Mar 2017, Rich Shepard wrote: > >> This morning I tested these sites from a different host and they all >> displayed and worked as expected. So the problem is on my desktop >> server/workstation. > >> I rebooted the system but this does not fix the problem. I'm at a loss >> where to look for the source of this new issue as I've not before >> encountered anything like it. > >Today I re-installed firefox-45.7.0 but this made no difference. I'm > looking for suggestions for where to look for this problem. It's not > consistent (for example, some images on bbc.com and reuters.com display, > some do not; all images on other news sites display, none display on other > news sites) and affects only this desktop. > >Since rebooting the system and re-installing firefox did not fix the > problem where else should I look? > Did you try Ctrl -Shift -R on the page in question. This loads a completely new page, bypassing the cache. Bill ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Fri, 3 Mar 2017, Chuck Hast wrote: > I tested both sites and they both came up clean. I am no longer seeing > this, not sure what to say about it. I at first thought it was my system > too when I first saw it but like I said earlier it was on both my > machines. Well, perhaps it has something to do with Frontier Communications or my ISP. I'll ask tech support at the latter about this. But, it's an issue on only one host here out of 3 currently up and running. Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
Rich, I tested both sites and they both came up clean. I am no longer seeing this, not sure what to say about it. I at first thought it was my system too when I first saw it but like I said earlier it was on both my machines. On Fri, Mar 3, 2017 at 7:35 AM, Rich Shepard wrote: > On Thu, 2 Mar 2017, Rich Shepard wrote: > > > This morning I tested these sites from a different host and they all > > displayed and worked as expected. So the problem is on my desktop > > server/workstation. > > > I rebooted the system but this does not fix the problem. I'm at a loss > > where to look for the source of this new issue as I've not before > > encountered anything like it. > >Today I re-installed firefox-45.7.0 but this made no difference. I'm > looking for suggestions for where to look for this problem. It's not > consistent (for example, some images on bbc.com and reuters.com display, > some do not; all images on other news sites display, none display on other > news sites) and affects only this desktop. > >Since rebooting the system and re-installing firefox did not fix the > problem where else should I look? > > Puzzled, > > Rich > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > -- Chuck Hast -- KP4DJT -- Glass, five thousand years of history and getting better. The only container material that the USDA gives blanket approval on. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Reverse SSH tunnel
Unfortunately, I have no access to that person anymore. Based on your experience, there were no issues that you have run into with such deployment? -v On Fri, Mar 3, 2017 at 9:07 AM, Robert Citek wrote: > I would ask the person who told you that this is not secure to elaborate. > I have worked with a number of companies that do this. So I am as curious > as you are. > > Regards, > - Robert > > On Fri, Mar 3, 2017 at 9:01 AM VY wrote: > > > Dear All: > > > > I am supporting a client that has product linux PCs running in the field. > > The person before me has built a reverse SSH tunnel (connection initiated > > by the device itself back to us and the connection is monitored by > > autossh). > > > > I was told this is not secure. I am no expert in security. What are > the > > possible issues with this approach? And what would be a more secure > > mechanism than reverse SSH? > > > > thanks > > > > -v > > ___ > > PLUG mailing list > > PLUG@lists.pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Reverse SSH tunnel
I would ask the person who told you that this is not secure to elaborate. I have worked with a number of companies that do this. So I am as curious as you are. Regards, - Robert On Fri, Mar 3, 2017 at 9:01 AM VY wrote: > Dear All: > > I am supporting a client that has product linux PCs running in the field. > The person before me has built a reverse SSH tunnel (connection initiated > by the device itself back to us and the connection is monitored by > autossh). > > I was told this is not secure. I am no expert in security. What are the > possible issues with this approach? And what would be a more secure > mechanism than reverse SSH? > > thanks > > -v > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] Reverse SSH tunnel
Dear All: I am supporting a client that has product linux PCs running in the field. The person before me has built a reverse SSH tunnel (connection initiated by the device itself back to us and the connection is monitored by autossh). I was told this is not secure. I am no expert in security. What are the possible issues with this approach? And what would be a more secure mechanism than reverse SSH? thanks -v ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Thu, 2 Mar 2017, Rich Shepard wrote: > This morning I tested these sites from a different host and they all > displayed and worked as expected. So the problem is on my desktop > server/workstation. > I rebooted the system but this does not fix the problem. I'm at a loss > where to look for the source of this new issue as I've not before > encountered anything like it. Today I re-installed firefox-45.7.0 but this made no difference. I'm looking for suggestions for where to look for this problem. It's not consistent (for example, some images on bbc.com and reuters.com display, some do not; all images on other news sites display, none display on other news sites) and affects only this desktop. Since rebooting the system and re-installing firefox did not fix the problem where else should I look? Puzzled, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Web browsers not displaying images
On Thu, 2 Mar 2017, Chuck Hast wrote: > I had I think it was linkdin got idiot for a bit this morning but it came > back. I am doing job hunting, and was seeing those weird screens there for > a while. It is bad enough dealing with Hughesnet that can not seem to get > links to some sites that I am trying to reach, I have a wait a bit and > THEN I can get there. I hope to soon find a job, and get moved to some > place where we do not have to live with Hughesnet, whattapieaceofcrap... Chuck, It's encouraging to read that I can expect things to clear up here, too. What puzzles me is why I see issues on the desktop running Slackware-14.1/32-bit but not on a laptop running Slackware-14.2/64-bit. Both running the same version of firefox. Does Longview have coffee shops or a library with free WiFi access that gives you better connections? Having been in the job market more than a few times many years ago I understand your frustration and wish you the best in quickly finding a new position. Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Job running in background
On Thu, 2 Mar 2017, Erik Lane wrote: > Just a quick note - there is practically no learning curve to screen. Good to know, Erik. > You can start it with just 'screen' then run whatever commands you want, > and then you can disconnect it with Ctrl-a d. (Ctrl-a pushed together, > then release both, then press d by itself.) Then 'screen -r' will > reconnect to it to check what it's doing. That's simple enough. > (For example, one that might run for days... :) ) Well, the current model run (after tweaking the parameter file) was started yesterday at 3:15 pm. Today, at 5:45 am, it is 9% complete (on day 2 of 25 days) with an ETA of 6 days and 10 hours. (The author tells me that at some point the ETA will be reduced.) So, for the next run (with one different condition) I'll use screen. Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug