Re: starting services in fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 17 Apr 2018, Zbigniew Jędrzejewski-Szmek wrote:

> Services which are subject the guidelines allow to be 
> enabled by default should be such that starting them briefly 
> should not cause any permanent effects.


'should not' is not true to fact in the real world

I mentioned we inject a SSH root key for management purposes.  
This is a sample of the 'back-splatter' I get all the time

Starting the ssh service generates several keys, which then 
get 'picked up' off host by our control units.  I have to have 
specil code to address the need to go in and eradicate such 
all the time.  Sample below


Apr 16 19:22:19 secure PMMan[2423]: PMMan (VM Management) 
[system@localhost:vm_34458] -- VM setup sees a listener on port 22/tcp 

Apr 16 19:22:19 secure vm_setup[1331]: ssh: connect to host 
10.85.86.17 port 22: Connection refused

Apr 16 19:22:19 secure last message repeated 3 times

Apr 16 19:22:19 secure vm_setup[1368]: 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Apr 16 19:22:19 secure vm_setup[1368]: @    WARNING: REMOTE 
HOST IDENTIFICATION HAS CHANGED!     @

Apr 16 19:22:19 secure vm_setup[1368]: 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Apr 16 19:22:19 secure vm_setup[1368]: IT IS POSSIBLE THAT 
SOMEONE IS DOING SOMETHING NASTY!

Apr 16 19:22:19 secure vm_setup[1368]: Someone could be 
eavesdropping on you right now (man-in-the-middle attack)!

Apr 16 19:22:19 secure vm_setup[1368]: It is also possible 
that the RSA host key has just been changed.

Apr 16 19:22:19 secure vm_setup[1368]: The fingerprint for the 
RSA key sent by the remote host is

Apr 16 19:22:19 secure vm_setup[1368]: 
28:1c:dc:5e:26:9d:4b:1f:2c:a8:aa:8d:42:4f:5f:ea.

Apr 16 19:22:19 secure vm_setup[1368]: Please contact your 
system administrator.

Apr 16 19:22:19 secure vm_setup[1368]: Add correct host key in 
/root/.ssh/known_hosts to get rid of this message.

Apr 16 19:22:19 secure vm_setup[1368]: Offending key in 
/root/.ssh/known_hosts:325

Apr 16 19:22:19 secure vm_setup[1368]: Password authentication 
is disabled to avoid man-in-the-middle attacks.

Apr 16 19:22:19 secure vm_setup[1368]: Keyboard-interactive 
authentication is disabled to avoid man-in-the-middle attacks.

Apr 16 19:22:19 secure vm_setup[1368]: reverse mapping 
checking getaddrinfo for pl085086228.domain.lan failed - 
POSSIBLE BREAK-IN ATTEMPT!

Apr 16 19:22:20 secure pmmanLog[2432]: pmmanLog ( | _event_id: 
5 | _owner_id: 0 | _vm_id: 846 | _message: VM setup is 
shutting down for initial clean backup | _admin: NULL | 
_thread_id: NULL | _level: I | _viewable: 0 

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux