You are not logged in.
Pages: 1
i have a webserver in my basement without a keyboard, monitor or mouse permanently attached to it. so maintaining it is rather difficult. so i've been looking at setting up telnet or ssh on it (which i should have done from the start) so i can manage it from another machine within my network
now i understand that telnet lacks any type of security, and i'm only using it behind my network anyway. but my concern is if i want to log into it from outside my network through my vpn. i use openvpn, so i'm asking, because i'm not sure the vpn connection is encrypted or not, and if its not, then ssh will be the way to go, otherwise i think telnet is just easier.
this is a signature
Offline
I think a vpn is encrypted by default, a tunnel over the internet that isn't sounds very unsafe.
Never the less I would still go with ssh, it's way more secure it is very default/standard on linux, and a ssh client can be installed in windows in a snip.
Offline
well, i setup openssh, followed the wiki
but i can't start the daemon, i keep getting a libcrypt.so.1.0.0 doesn't exist or something. i forget exactly, the server is in the other room
this is a signature
Offline
Why would you not use ssh? It is fairly easy to set up, it is orders of magnitude more secure than telnet. You can do all kinds of things with port forwarding you just can't do with telnet. The most useful example (IMHO) is to use it to implement a SFTP server. If you are using a GUI WM on the host, most allow you to abstract the sftp file system to that host's file browser.
Clients are available on just about every *nix box I use has one, and PuTTY works beautifully on Windows and can be run directly from a thumb drive.
The only time I use a telnet client is to talk to non-telnet services for debugging (daytime, pop3, smtp, http, etc...)
Seriously, choose ssh.
As an aside, I run mine on port 443. That port is normally shttp and is therefore rarely blocked if you are trying to reach your system from a hotel, internet cafe, work, etc... Also, script kiddies don't seem to try to hack that port with brute force password crack attempts.
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
yeah, like i said above, i'm passed choosing which to use. and i'm not going to be connecting to my server directly using ssh from outside, i use my vpn to connect from outside. so i only have 2 ports forwarded, my vpn, and my http for the webserver. i like to keep the minimum open for security reasons, there's nothing else i need open that i can't workaround through vpn
but either way. right now, i can't start sshd, getting that libcrypt.so error
this is a signature
Offline
I can't see a reason why you would want to use telnet.
Offline
but either way. right now, i can't start sshd, getting that libcrypt.so error
arch up to date?
did you enable testing and update half way through? this seems to be the issue. just pacman -Syyu
Offline
yeah. turns out i did have to run updates. its my webserver, so for the most part, it gets minimal updates, since updates mean downtime. usually when i get to it, i check the available updates, and try to research some of the changes so i know what to expect before i do it to keep the downtime to a minimal. everything updated, no problems, ssh is working now. so i can disconnect the monitor i had on it that i fixed this morning since i want to use it for a test bench with my other 4port kvm
anyway, thanks for the help guys
this is a signature
Offline
On my server I uninstall the standard kernel and install the package "kernel26-lts" (stands for long term support at a guess) keeps the kernel version static eliminates a breakage from a kernel update. Don't forget to update grub if you do this. I would reccomend keeping the original kernel around until you are sure lts has worked.
Last edited by gazj (2010-05-10 16:31:32)
Offline
If 'minimal' updates mean what I think it means, then you're only making yourself miserable. Partial updates will break the system; it's a rolling release and often updates depend on one another. Doing 'minimal' updates is not the way to go. If you're afraid stuff breaks, pick another distro, or try the Arch Server Project, or at least install an LTS kernel like gazj did.
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
Two good reasons for keeping telnet around is for accessing consoles on other Unices and for checking if a port is open for tcp traffic in a firewall.
For everyday use and security nothing really beats ssh.
Offline
If 'minimal' updates mean what I think it means, then you're only making yourself miserable. Partial updates will break the system; it's a rolling release and often updates depend on one another. Doing 'minimal' updates is not the way to go. If you're afraid stuff breaks, pick another distro, or try the Arch Server Project, or at least install an LTS kernel like gazj did.
i didn't mean minimal updates like that, i just meant that i don't update it very often. i do run the lts kernel. i just don't update everything else too often out of the blue like that because its setup and working. i ran into issues with mysql one time when i just went ahead and updated, had trouble getting it going right. so i like to plan my downtime and try to know what to expect. so instead of planning to have it down for 10 minutes, and having that turn into an hour, i can plan for an hour if thats what i know it will take.
this is a signature
Offline
i didn't mean minimal updates like that, i just meant that i don't update it very often.
There's no problem with this, but any time you install new software, you need to update. Packages in the repos are linked against current libraries in the repos which you may not have.
archlinux - please read this and this — twice — then ask questions.
--
http://rsontech.net | http://github.com/rson
Offline
Pages: 1