You are not logged in.

#1 2005-05-06 13:55:47

CyberTron
Member
From: Gotland ,Sweden
Registered: 2005-03-17
Posts: 645
Website

SSH, any reasons for running that?

Hi!

This might be stupid...but I had to ask.

Why does anyone wanna run ssh?  What are the benefits compared to VNC for example?
The reason I ask is that I am currently running TightVnc on my server and using vncviewer to remotly control the desktop.
Is it possible to use ssh to start x or contorl X ? or is it just command line?


http://www.linuxportalen.com  -> Linux Help portal for Linux and ArchLinux (in swedish)

Dell Inspiron 8500
Kernel 2.6.14-archck1  (selfcompiled)
Enlightenment 17

Offline

#2 2005-05-06 14:29:01

tomk
Forum Fellow
From: Ireland
Registered: 2004-07-21
Posts: 9,838

Re: SSH, any reasons for running that?

Yep, SSH is command line - Secure SHell, right? If you really want to, you can issue the startx command via SSH, but you won't see the results.

Typically, server installations do not include X, so VNC and other graphical remote control apps are not relevant. That's where SSH comes in. Mind you, I use SSH for all my machines, X or not - I guess I just like CLI.  smile

Offline

#3 2005-05-06 14:40:56

Spider.007
Member
Registered: 2004-06-20
Posts: 1,145
Website

Re: SSH, any reasons for running that?

Why would you want to use a GUI if you can choose the power of a shell?

Offline

#4 2005-05-06 14:42:21

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: SSH, any reasons for running that?

you *can* forward X over ssh - it's fun...

Offline

#5 2005-05-06 14:46:03

CyberTron
Member
From: Gotland ,Sweden
Registered: 2005-03-17
Posts: 645
Website

Re: SSH, any reasons for running that?

phrakture wrote:

you *can* forward X over ssh - it's fun...

You mean that I should be able to use SSH to contorl X as well? (if I forwards it?)

The reason I ask is that I have no screen attached to my server and tightvnc is not as stable as I want it to be...and probably not as secure as ssh (even though I saw that you (Phrakture) was hacked...is everything ok btw?)


http://www.linuxportalen.com  -> Linux Help portal for Linux and ArchLinux (in swedish)

Dell Inspiron 8500
Kernel 2.6.14-archck1  (selfcompiled)
Enlightenment 17

Offline

#6 2005-05-06 14:56:42

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: SSH, any reasons for running that?

yeah - the interesting thing about X forwarding over ssh is that you don't need an X server on the remote computer... I used to do it from work... I'd run cygwin, ssh to my box and type "firefox" and it would start on my computer here (yeah, it was ass slow).

for server management, I would suggest using ssh (you probably shouldn't need X to manage it either)

Offline

#7 2005-05-06 15:05:44

CyberTron
Member
From: Gotland ,Sweden
Registered: 2005-03-17
Posts: 645
Website

Re: SSH, any reasons for running that?

ok, have any good wiki on using ssh? or some good starting points?


http://www.linuxportalen.com  -> Linux Help portal for Linux and ArchLinux (in swedish)

Dell Inspiron 8500
Kernel 2.6.14-archck1  (selfcompiled)
Enlightenment 17

Offline

#8 2005-05-06 15:15:26

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: SSH, any reasons for running that?

CyberTron wrote:

ok, have any good wiki on using ssh? or some good starting points?

no, but maybe I'll write one, as I'm going to switch from using password authentication to key-pair authentication, so it'll take a bit of configuring and stuff...

it's pretty easy to get setup... add sshd to the daemons on the server (and run /etc/rc.d/sshd start) and then on another machine type "ssh 192.168.X.X" and you should connect.

Now, for security reasons, change the port from 22 if you're going to expose it to the world (I did this) and in the sshd_config file, make sure to disallow root logon from ssh (important: add sshd_config to pacman's NoUpgrade - this was my hole....).

You may also want to add specific hosts to your /etc/hosts.{allow,deny} for SSHD - I did that for a while, but I connect from many different places....

Offline

#9 2005-05-06 16:05:05

CyberTron
Member
From: Gotland ,Sweden
Registered: 2005-03-17
Posts: 645
Website

Re: SSH, any reasons for running that?

phrakture wrote:

no, but maybe I'll write one, as I'm going to switch from using password authentication to key-pair authentication, so it'll take a bit of configuring and stuff...

That would be great!!

I am going to borrow a lcd-screen from a friend soon and then my old gentoo-server will be a arch-server big_smile
with SSH big_smile


http://www.linuxportalen.com  -> Linux Help portal for Linux and ArchLinux (in swedish)

Dell Inspiron 8500
Kernel 2.6.14-archck1  (selfcompiled)
Enlightenment 17

Offline

#10 2005-05-06 16:33:46

darkcoder
Member
From: A bar near you
Registered: 2004-09-10
Posts: 310

Re: SSH, any reasons for running that?

phrakture wrote:

(important: add sshd_config to pacman's NoUpgrade - this was my hole....)

Would be nice if developers add it to the standard pacman.conf.  Not only SSH, but any server config should not  be replaced on update.  In that way problems like these will not happened again.

Offline

#11 2005-05-06 16:37:54

sud_crow
Member
From: Argentina
Registered: 2003-06-30
Posts: 545

Re: SSH, any reasons for running that?

Also you can make a SSH tunnel where you can forward VNC through it (just like the X Server), so your data travels encrypted.

Right now, anyone good enough can see everything you do with TightVNC, this is because TightVNC doesnt encrypt sent data, not even passwords. So, all your communications can be spoofed (was that the word?).

I use tightvnc through a ssh tunnel to keep my communications secure.

Here you have a good number of articles discussing the issue:
http://www.google.com/search?hl=en&c2co … sh&spell=1

And here, articles related directly to TightVNC and ssh:
http://www.google.com/search?hl=en&lr=& … tnG=Search


There you will find articles even telling you how to do it to a Windows machine (if you need too, like i do).

Good luck!


Leonardo Andrés Gallego
www.archlinux-es.org || Comunidad Hispana de Arch Linux

Offline

#12 2005-05-06 19:10:19

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,615
Website

Re: SSH, any reasons for running that?

nomachineNX!! tongue


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

#13 2005-05-06 19:17:19

CyberTron
Member
From: Gotland ,Sweden
Registered: 2005-03-17
Posts: 645
Website

Re: SSH, any reasons for running that?

cactus:
may I ask what that is?


http://www.linuxportalen.com  -> Linux Help portal for Linux and ArchLinux (in swedish)

Dell Inspiron 8500
Kernel 2.6.14-archck1  (selfcompiled)
Enlightenment 17

Offline

#14 2005-05-06 19:20:57

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: SSH, any reasons for running that?

CyberTron wrote:

cactus:
may I ask what that is?

http://www.nomachine.com/

It's an LTS setup which is supposedly really good - never tried it myself.

Offline

#15 2005-05-06 19:25:17

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,615
Website

Re: SSH, any reasons for running that?

More of a replacement for VNC. It can be used in an LTS setup for sure, though.
I have a thread around here with a pkgbuild and a screenshot, and more info...


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

Board footer

Powered by FluxBB