Jupp, I think i have an intruder, the ip 202.172.171.217 isn't known to me
at all.
I am the only one knowing the root password, and I have not logged in those
times that last are showing.
root pts/0202.172.171.217 Mon Feb 4 05:21 - 07:38 (02:16)
root pts/0
Hi
I am only using ssh. Is it possible to have rsa-keys for all users,
including vyatta?
Maybe the attackers managed to brute force my password?
This is very anoying since I have to reinstall the machine tomorrow and
doesn't know what went wrong. Haven't had time to check the logs either.
How
As far as I could tell, you cant set up key-only auth in the CLI. If
you drop an authorized_keys file in to each user's ~/.ssh directory,
and set PasswordAuthentication=no in sshd.conf you will enable key-
only auth.
--
Aubrey Wells
Senior Engineer
Shelton | Johns Technology
Yup you can have a key for each user. Take a look at:
http://suso.org/docs/shell/ssh.sdf
Nate
On Mon, 2008-02-04 at 20:00 +0100, Jostein Martinsen-Jones wrote:
Yes, i did change the root password asap!
I would much like to see a configuration snippet on how to use
rsa-keys.
Can I use
Yes, i did change the root password asap!
I would much like to see a configuration snippet on how to use rsa-keys.
Can I use several rsa-keys so i can login as different users?
2008/2/4, Nathan McBride [EMAIL PROTECTED]:
Yup sure is. I have setup my vyatta router to only allow rsa keys.
Did
We are planning to do some upgrade in our network. The
present network has one vyatta router and two internet
connections (one is 1Mb leased line and the other is 2Mb
Broadband), Since the broadband connection is limited, we are
manually changing the default gateway
Abhilash,
You should
Yup sure is. I have setup my vyatta router to only allow rsa keys.
Did you change your root password from 'vyatta'?
Nate
On Mon, 2008-02-04 at 18:13 +0100, Jostein Martinsen-Jones wrote:
Hi
I am only using ssh. Is it possible to have rsa-keys for all users,
including vyatta?
Maybe the
Hi All,
We are planning to do some upgrade in our network. The present network
has one vyatta router and two internet connections (one is 1Mb leased
line and the other is 2Mb Broadband), Since the broadband connection
is limited, we are manually changing the default gateway
* The leased line
No problemo, will do.
I'm still annoyed that someone managed to get in.
Maybe tripwire would be nice on the box?
2008/2/4, Nathan McBride [EMAIL PROTECTED]:
Correct, you have to drop down to the linux cli, not vyatta's.
On Mon, 2008-02-04 at 14:08 -0500, Aubrey Wells wrote:
As far as I
hi,
help: how to configure ssh login only one ip
--
Regards
--
Amit Shrivastava
Linux Engineer
Tetra Information Services Pvt. Ltd.
136 Ground Floor, Sant Nagar, East of Kailash,
New Delhi - 110065, India.
Email : [EMAIL PROTECTED]
Website : www.tetrain.com, www.linux4e.com
Phone
Enable the ssh from command line for webgui and then add firewall
settings to allow ssh from only one ip that you desire, rest all will
be blocked automatically.
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
Hi Jostein,
Are you using telnet or ssh to access the box? Using telnet in not secure
from a public network as the username/password is in clear text.
stig
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jostein
Martinsen-Jones
Sent: Monday, February 04, 2008
I posted a thread a month ago about getting the equivalent jdocs
for vyatta, have anybody from the Vyatta team approached
Oreiley in just getting a book produced? A paper back
edition crafted by them, would do wonders in promoting
vyatta to the networking community.
next ,
This is kind of a weird question, but I'm curious how you guys make
any money? I mean, you have this wonderful product, 100% open source,
but how to you guys keep the lights on at the office? Support
contracts? Do you guys have a real staff? Employees with salaries? A
bulletin board in the break
Well I expected that! Are there really that many commercial
subscribers to pay for a full time staff?
Did you guys need to get funding to get started? Venture capital?
On Feb 4, 2008 5:47 PM, John Jolet [EMAIL PROTECTED] wrote:
From people like me that pay for supported version :)
and they
The Vyatta business model is essentially very Red Hat-like: we sell
subscriptions, professional services, training, etc. Yes, we have real
(talented!) staff. Yes, we pay salaries. ;-) The fact is, the Vyatta team
comprises veterans from Cisco, Juniper, Nortel, and other leading
networking
Couldn't you get the same thing with the VPN dead peer-detect set to
HOLD?
Under strongswan for example, their's a setting that would allow you to
auto=start or auto=ignore, if you could add this, you should be okay.
Here's how my vyatta ipsec.conf looks;
conn peer-1.1.1.1-tunnel-1
Ken,
You are right that changing the auto=start line will change this
behavior. Initially our goal was to have a fairly simple configuration to
bring-up a tunnel, but over time we'll need to add more options to the vpn
cli. The last time this came up I opened an enhancement request to make
this
Thank you very much for filling in those blanks for me! I swear the
more and more I learn about you guys the more in love I fall ;)
I'm just playing with Vyatta right now, but once I feel comfortable
enough with it to put it into production, you best I will commit to a
support contract!
Thanks
Hey
I Have configured vlan in vyatta and bought a vlan enabled switch its
D-link DES-1226. I want to know when configuring the switch whether I
need to give the VID in switch the same as the vLAN ID is created in
vyatta?
___
Vyatta-users mailing list
Hi,
I would like to know if there is an option in vyatta to limit the bandwidth
on specific ip or all ip ?
Thanks
--
Cordialement / Sincerely
Dams
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
Definitely. It's part of the VLAN tag.
Best,
Justin
On Feb 4, 2008 9:26 PM, Go Wow [EMAIL PROTECTED] wrote:
Hey
I Have configured vlan in vyatta and bought a vlan enabled switch its
D-link DES-1226. I want to know when configuring the switch whether I
need to give the VID in switch the
Yes, that's the purpose of vlans. All traffic in vlan ID XXX is tagged
so the switch knows to send it to all members of Vlan XXX. You have to
have matching tags on both ends.
If you did not, most switch and host-nic will just discard any
unrecognized vlan tag(s).
Coming soon in a Glendale build near to you :-)
Justin
On Feb 4, 2008 9:26 PM, Dams [EMAIL PROTECTED] wrote:
Hi,
I would like to know if there is an option in vyatta to limit the bandwidth
on specific ip or all ip ?
Thanks
--
Cordialement / Sincerely
Dams
Port forwarding should be straight-forward with the Vyatta CLI; look for recent
ssh examples on this list.
Personally, I'd create a rule for each protocol and port/port range.
Best,
Justin
On Feb 4, 2008 8:31 PM, Nathan McBride [EMAIL PROTECTED] wrote:
Hey guys, I finally got my old comp which
Hi ,
Thanks for your quick reply. I am agreed that we can test the multiple
WAN load balancing feature before it is released to help with your
testing. But one thing I forgot to mention about the broadband
connection, is that it has a maximum data transfer of 20GB per month.
That is why we were
26 matches
Mail list logo