Janina, What's the latest version of Redhat, and how do I upgrade without wiping out my present accounts and data? Can I upgrade from Redhat 8.0 using BRLTTY, including kernel replacement? I feel like i'm asking all the dumb questions, but maybe others will benefit from the answers as well. It is certai`nly faster and less frustrating to ask than to search through reams of documentation. John On Sun, 10 Oct 2004, Janina Sajka wrote: > Andor Demarteau writes: > > On Sat, 9 Oct 2004, John J. Boyer wrote: > > > > > Thanks to all who helped with the ssh problem. There were two gotchas. > > > Iptables was blocking all connections, and password authentication was > > > turned off. Now I want to use the target machine to receive mail and for > > > backup. When I boot the target machine, iptables is on and I have to log > > > in as root to turn it off. How can I set iptables to be off at boot time? > > > Or, better, to accept ssh and scp only from the source machine? > > well if you can login already as root, you probably can login as any user. > > > > Find the line in your rule-set that allows ssh-access (port 22). > > add to this line the -s or --source flag with the ip-address of the > > souce-box. > > providing the output-chaing allows all outgping traffic, that's all. > > > > Disableing iptables may not be a good idea security-wise. > > > > > > > Two user accounts receive mail continuously. I would like to have them > > > > automatically logged on at boot time. Is this possible? How? > > John, you're reinventing the wheel here, and your coming up with a > square. That's not the proper means toward this end. You don't want > those users always logged on. You actually want them to receive their > mail without always entering a password. > > Look at the ssh man page and put together an appropriate > .ssh/authorized_keys file. That will take care of that. > > The more correct resolution is: > > 1.) Upgrade as per my last message. > > 2.) Configure your machine to receive mail (on port 25) > > 3.) Configure TLS authentication > > 4.) Have your users use TLS to get and send mail. > > This way, they'll be able to access the mail server from anywhere--even > half way around the world in a hotel room. > > What you're talking about is a quick work around that has implications > you just haven't considered sufficiently. Some of those are being > pointed out in other messages. > > _______________________________________________ > > Blinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/blinux-list > -- John J. Boyer; Executive Director, Chief Software Developer Computers to Help People, Inc. http://www.chpi.org 825 East Johnson; Madison, WI 53703 _______________________________________________ Blinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/blinux-list