RE: redhat-list Digest, Vol 23, Issue 9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----Original Message-----
From: redhat-list-request@xxxxxxxxxx
[mailto:redhat-list-request@xxxxxxxxxx] 
Sent: Sunday, January 08, 2006 12:00 PM
To: redhat-list@xxxxxxxxxx
Subject: redhat-list Digest, Vol 23, Issue 9

Send redhat-list mailing list submissions to
	redhat-list@xxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
	https://www.redhat.com/mailman/listinfo/redhat-list
or, via email, send a message with subject or body 'help' to
	redhat-list-request@xxxxxxxxxx

You can reach the person managing the list at
	redhat-list-owner@xxxxxxxxxx

When replying, please edit your Subject line so it is more specific than
"Re: Contents of redhat-list digest..."


Today's Topics:

   1. encrypt password for Kickstart (Kipp, Jim)
   2. RE: is this an intruder? (Bliss, Aaron)
   3. RE: is this an intruder? (Michael D. Berger)
   4. Re: encrypt password for Kickstart (Allen K. Smith)
   5. RE: encrypt password for Kickstart (Kipp, Jim)
   6. Re: is this an intruder? (Malcolm Kay)


----------------------------------------------------------------------

Message: 1
Date: Sat, 7 Jan 2006 13:35:02 -0500
From: "Kipp, Jim" <jkipp@xxxxxxxxxxxxx>
Subject: encrypt password for Kickstart
To: <redhat-list@xxxxxxxxxx>
Message-ID:
	
<EC741B54812B5940AC1A6EFDFD011D0F03034205@xxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"

Hi
I am preparing a kickstart cfg file for RHEL4.  I would like to encrypt
the root password using md5.  

"rootpw --iscrypted xxxxxxxxxxxxxx"

What is the recommended method for creating the MD5 hash to use in the
above line in the cfg file?

I checked the RH docs for kickstart but did not find anything pertaining
to this. 

Thanks for any suggestions.

Jim









************************************************************************
*****
This email may contain confidential or privileged information. If you
believe  you have received the message in error, please notify the
sender and delete the message without copying or disclosing it.
************************************************************************
*****




------------------------------

Message: 2
Date: Sat, 7 Jan 2006 14:25:12 -0500
From: "Bliss, Aaron" <ABliss@xxxxxxxxxxxxxxxxx>
Subject: RE: is this an intruder?
To: "'Stephen Carville'" <stephen@xxxxxxxxxxxxxx>,	General Red Hat
	Linux discussion list <redhat-list@xxxxxxxxxx>
Message-ID:
	
<FFF3441ECA73784EAAAD9B8ABFB0CC2B242CB8@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain;	charset="iso-8859-1"

I would be careful of using the wheel group to allow ssh logins, as
admins
typically use this group in sudoers file to grant root access for
non-root
users; granting the wheel group ssh logins as well as root access is
essentially allowing root access over ssh anyway; although an outside
attacker would at least have to guess the non-root user's id and
password.

-----Original Message-----
From: Stephen Carville [mailto:stephen@xxxxxxxxxxxxxx] 
Sent: Saturday, January 07, 2006 9:40 AM
To: General Red Hat Linux discussion list
Subject: Re: is this an intruder?

Marty Landman wrote:

> Not sure if I'm reading this right as this is new to me but it appears

> someone in Denmark spent about 10 minutes trying a variety of userid's

> to start an ssh session on my network gateway.

Yep!  If you do not need ssh, your best defense is to disable it.

Otherwise.

Turn off root login and designate a group for oter ssh logins.  At home 
I just use "wheel."

in /etc/ssh/sshd_config

PermitRootLogin  no
AllowGroups      wheel

Restart sshd

Put you and anyone else who must have ssh access in the group wheel. 
Make sure they have good passwords.

Other possible changes are to only allow ssh protocol 2 and to change 
the external port.  Check 'Protocol", "Port" and ListenAddress" in man 
sshd_config.

-- 
Stephen Carville <stephen@xxxxxxxxxxxxxx>
Unix and Network Admin
Nationwide Totalflood
6033 W. Century Blvd
Los Angeles, CA 90045
310-342-3602

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


www.preferredcare.org
"An Outstanding Member Experience," Preferred Care HMO Plans -- J. D.
Power and Associates

Confidentiality Notice:
The information contained in this electronic message is intended for the
exclusive use of the individual or entity named above and may contain
privileged or confidential information.  If the reader of this message
is not the intended recipient or the employee or agent responsible to
deliver it to the intended recipient, you are hereby notified that
dissemination, distribution or copying of this information is
prohibited.  If you have received this communication in error, please
notify the sender immediately by telephone and destroy the copies you
received.




------------------------------

Message: 3
Date: Sat, 7 Jan 2006 15:58:22 -0500
From: "Michael D. Berger" <m.d.berger@xxxxxxxx>
Subject: RE: is this an intruder?
To: "'General Red Hat Linux discussion list'" <redhat-list@xxxxxxxxxx>
Message-ID: <000001c613cd$18ebae40$2801a8c0@MBRC40>
Content-Type: text/plain;	charset="us-ascii"

What about protocol 2 RSA PubkeyAuthentication?  Doesn't this
provide enough protection so that the selection of users and
groups is not important?
Mike.

--
Michael D. Berger
m.d.berger@xxxxxxxx 

> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx 
> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bliss, Aaron
> Sent: Saturday, January 07, 2006 2:25 PM
> To: 'Stephen Carville'; General Red Hat Linux discussion list
> Subject: RE: is this an intruder?
> 
> 
> I would be careful of using the wheel group to allow ssh 
> logins, as admins
> typically use this group in sudoers file to grant root access 
> for non-root
> users; granting the wheel group ssh logins as well as root access is
> essentially allowing root access over ssh anyway; although an outside
> attacker would at least have to guess the non-root user's id 
> and password.
> 
> -----Original Message-----
> From: Stephen Carville [mailto:stephen@xxxxxxxxxxxxxx] 
> Sent: Saturday, January 07, 2006 9:40 AM
> To: General Red Hat Linux discussion list
> Subject: Re: is this an intruder?
> 
> Marty Landman wrote:
> 
> > Not sure if I'm reading this right as this is new to me but 
> it appears 
> > someone in Denmark spent about 10 minutes trying a variety 
> of userid's 
> > to start an ssh session on my network gateway.
> 
> Yep!  If you do not need ssh, your best defense is to disable it.
> 
> Otherwise.
> 
> Turn off root login and designate a group for oter ssh 
> logins.  At home 
> I just use "wheel."
> 
> in /etc/ssh/sshd_config
> 
> PermitRootLogin  no
> AllowGroups      wheel
> 
> Restart sshd
> 
> Put you and anyone else who must have ssh access in the group wheel. 
> Make sure they have good passwords.
> 
> Other possible changes are to only allow ssh protocol 2 and to change 
> the external port.  Check 'Protocol", "Port" and 
> ListenAddress" in man 
> sshd_config.
> 
> -- 
> Stephen Carville <stephen@xxxxxxxxxxxxxx>
> Unix and Network Admin
> Nationwide Totalflood
> 6033 W. Century Blvd
> Los Angeles, CA 90045
> 310-342-3602
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> 
> www.preferredcare.org
> "An Outstanding Member Experience," Preferred Care HMO Plans 
> -- J. D. Power and Associates
> 
> Confidentiality Notice:
> The information contained in this electronic message is 
> intended for the exclusive use of the individual or entity 
> named above and may contain privileged or confidential 
> information.  If the reader of this message is not the 
> intended recipient or the employee or agent responsible to 
> deliver it to the intended recipient, you are hereby notified 
> that dissemination, distribution or copying of this 
> information is prohibited.  If you have received this 
> communication in error, please notify the sender immediately 
> by telephone and destroy the copies you received.
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 




------------------------------

Message: 4
Date: Sat, 7 Jan 2006 13:18:52 -0800
From: "Allen K. Smith" <lazlor@xxxxxxxxxxxxxxxxxx>
Subject: Re: encrypt password for Kickstart
To: General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx>
Message-ID: <3274F295-E6CD-48D9-B6FD-122CCB1D83DB@xxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed


openssl passwd -1


On Jan 7, 2006, at 10:35 AM, Kipp, Jim wrote:

> Hi
> I am preparing a kickstart cfg file for RHEL4.  I would like to  
> encrypt
> the root password using md5.
>
> "rootpw --iscrypted xxxxxxxxxxxxxx"
>
> What is the recommended method for creating the MD5 hash to use in the
> above line in the cfg file?
>
> I checked the RH docs for kickstart but did not find anything  
> pertaining
> to this.
>
> Thanks for any suggestions.
>
> Jim
>
>
>
>
>
>
>
>
>
> **********************************************************************

> *******
> This email may contain confidential or privileged information. If  
> you believe
>  you have received the message in error, please notify the sender  
> and delete
> the message without copying or disclosing it.
> **********************************************************************

> *******
>
>
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list



------------------------------

Message: 5
Date: Sat, 7 Jan 2006 19:41:40 -0500
From: "Kipp, Jim" <jkipp@xxxxxxxxxxxxx>
Subject: RE: encrypt password for Kickstart
To: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx>
Message-ID:
	
<EC741B54812B5940AC1A6EFDFD011D0F0134BDF3@xxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

Thanks, did find this on google. sorry for the wasted question
 

________________________________

From: redhat-list-bounces@xxxxxxxxxx on behalf of Allen K. Smith
Sent: Sat 1/7/2006 4:18 PM
To: General Red Hat Linux discussion list
Subject: Re: encrypt password for Kickstart




openssl passwd -1


On Jan 7, 2006, at 10:35 AM, Kipp, Jim wrote:

> Hi
> I am preparing a kickstart cfg file for RHEL4.  I would like to 
> encrypt
> the root password using md5.
>
> "rootpw --iscrypted xxxxxxxxxxxxxx"
>
> What is the recommended method for creating the MD5 hash to use in the
> above line in the cfg file?
>
> I checked the RH docs for kickstart but did not find anything 
> pertaining
> to this.
>
> Thanks for any suggestions.
>
> Jim
>
>
>







************************************************************************
*****
This email may contain confidential or privileged information. If you
believe
 you have received the message in error, please notify the sender and
delete 
the message without copying or disclosing it.
************************************************************************
*****


------------------------------

Message: 6
Date: Mon, 9 Jan 2006 02:38:16 +1030
From: Malcolm Kay <malcolm.kay@xxxxxxxxxxxxxxxx>
Subject: Re: is this an intruder?
To: redhat-list@xxxxxxxxxx
Cc: "Bliss, Aaron" <ABliss@xxxxxxxxxxxxxxxxx>
Message-ID: <200601090238.16300.malcolm.kay@xxxxxxxxxxxxxxxx>
Content-Type: text/plain;  charset="iso-8859-1"

On Sun, 8 Jan 2006 05:55 am, Bliss, Aaron wrote:
> I would be careful of using the wheel group to allow ssh
> logins, as admins typically use this group in sudoers file to
> grant root access for non-root users; granting the wheel group
> ssh logins as well as root access is essentially allowing root
> access over ssh anyway; although an outside attacker would at
> least have to guess the non-root user's id and password.
>
> -----Original Message-----
> From: Stephen Carville [mailto:stephen@xxxxxxxxxxxxxx]
> Sent: Saturday, January 07, 2006 9:40 AM
> To: General Red Hat Linux discussion list
> Subject: Re: is this an intruder?
>
> Marty Landman wrote:
> > Not sure if I'm reading this right as this is new to me but
> > it appears someone in Denmark spent about 10 minutes trying
> > a variety of userid's to start an ssh session on my network
> > gateway.
>
> Yep!  If you do not need ssh, your best defense is to disable
> it.
>
> Otherwise.
>
> Turn off root login and designate a group for oter ssh logins.
>  At home I just use "wheel."
>

This sounds dangerous -- wheel is normally an alternative to the
root group introduced for compatibility with some forms of BSD 
where it is the base privileged group.

Malcolm Kay

> in /etc/ssh/sshd_config
>
> PermitRootLogin  no
> AllowGroups      wheel
>
> Restart sshd
>
> Put you and anyone else who must have ssh access in the group
> wheel. Make sure they have good passwords.
>
> Other possible changes are to only allow ssh protocol 2 and to
> change the external port.  Check 'Protocol", "Port" and
> ListenAddress" in man sshd_config.
>



------------------------------

__
redhat-list mailing list
Unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

End of redhat-list Digest, Vol 23, Issue 9
******************************************
 
 
 
Peter Baron  
Senior UNIX Administrator
InterDigital Communications Corporation
2 Huntington Quadrangle
4th Floor, South Wing
Melville, NY 11747-4508
Tel.: +1 631.622.4295
Fax: +1 631.622.0101
Email: Peter.Baron@xxxxxxxxxxxxxxxx
http://www.InterDigital.com

 
 
 This e-mail is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and/or otherwise protected from disclosure to anyone other than its intended recipient.  Unintended transmission shall not constitute waiver of any privilege or confidentiality obligation. If you received this communication in error, please do not review, copy or distribute it, notify me immediately by email, and delete the original message and any attachments. Unless expressly stated in this e-mail, nothing in this message or any attachment should be construed as a digital or electronic signature.

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux