-----Original Message----- From: redhat-list-request@xxxxxxxxxx [mailto:redhat-list-request@xxxxxxxxxx] Sent: Sunday, January 08, 2006 12:00 PM To: redhat-list@xxxxxxxxxx Subject: redhat-list Digest, Vol 23, Issue 9 Send redhat-list mailing list submissions to redhat-list@xxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit https://www.redhat.com/mailman/listinfo/redhat-list or, via email, send a message with subject or body 'help' to redhat-list-request@xxxxxxxxxx You can reach the person managing the list at redhat-list-owner@xxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of redhat-list digest..." Today's Topics: 1. encrypt password for Kickstart (Kipp, Jim) 2. RE: is this an intruder? (Bliss, Aaron) 3. RE: is this an intruder? (Michael D. Berger) 4. Re: encrypt password for Kickstart (Allen K. Smith) 5. RE: encrypt password for Kickstart (Kipp, Jim) 6. Re: is this an intruder? (Malcolm Kay) ---------------------------------------------------------------------- Message: 1 Date: Sat, 7 Jan 2006 13:35:02 -0500 From: "Kipp, Jim" <jkipp@xxxxxxxxxxxxx> Subject: encrypt password for Kickstart To: <redhat-list@xxxxxxxxxx> Message-ID: <EC741B54812B5940AC1A6EFDFD011D0F03034205@xxxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="us-ascii" Hi I am preparing a kickstart cfg file for RHEL4. I would like to encrypt the root password using md5. "rootpw --iscrypted xxxxxxxxxxxxxx" What is the recommended method for creating the MD5 hash to use in the above line in the cfg file? I checked the RH docs for kickstart but did not find anything pertaining to this. Thanks for any suggestions. Jim ************************************************************************ ***** This email may contain confidential or privileged information. If you believe you have received the message in error, please notify the sender and delete the message without copying or disclosing it. ************************************************************************ ***** ------------------------------ Message: 2 Date: Sat, 7 Jan 2006 14:25:12 -0500 From: "Bliss, Aaron" <ABliss@xxxxxxxxxxxxxxxxx> Subject: RE: is this an intruder? To: "'Stephen Carville'" <stephen@xxxxxxxxxxxxxx>, General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> Message-ID: <FFF3441ECA73784EAAAD9B8ABFB0CC2B242CB8@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" I would be careful of using the wheel group to allow ssh logins, as admins typically use this group in sudoers file to grant root access for non-root users; granting the wheel group ssh logins as well as root access is essentially allowing root access over ssh anyway; although an outside attacker would at least have to guess the non-root user's id and password. -----Original Message----- From: Stephen Carville [mailto:stephen@xxxxxxxxxxxxxx] Sent: Saturday, January 07, 2006 9:40 AM To: General Red Hat Linux discussion list Subject: Re: is this an intruder? Marty Landman wrote: > Not sure if I'm reading this right as this is new to me but it appears > someone in Denmark spent about 10 minutes trying a variety of userid's > to start an ssh session on my network gateway. Yep! If you do not need ssh, your best defense is to disable it. Otherwise. Turn off root login and designate a group for oter ssh logins. At home I just use "wheel." in /etc/ssh/sshd_config PermitRootLogin no AllowGroups wheel Restart sshd Put you and anyone else who must have ssh access in the group wheel. Make sure they have good passwords. Other possible changes are to only allow ssh protocol 2 and to change the external port. Check 'Protocol", "Port" and ListenAddress" in man sshd_config. -- Stephen Carville <stephen@xxxxxxxxxxxxxx> Unix and Network Admin Nationwide Totalflood 6033 W. Century Blvd Los Angeles, CA 90045 310-342-3602 -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list www.preferredcare.org "An Outstanding Member Experience," Preferred Care HMO Plans -- J. D. Power and Associates Confidentiality Notice: The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received. ------------------------------ Message: 3 Date: Sat, 7 Jan 2006 15:58:22 -0500 From: "Michael D. Berger" <m.d.berger@xxxxxxxx> Subject: RE: is this an intruder? To: "'General Red Hat Linux discussion list'" <redhat-list@xxxxxxxxxx> Message-ID: <000001c613cd$18ebae40$2801a8c0@MBRC40> Content-Type: text/plain; charset="us-ascii" What about protocol 2 RSA PubkeyAuthentication? Doesn't this provide enough protection so that the selection of users and groups is not important? Mike. -- Michael D. Berger m.d.berger@xxxxxxxx > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bliss, Aaron > Sent: Saturday, January 07, 2006 2:25 PM > To: 'Stephen Carville'; General Red Hat Linux discussion list > Subject: RE: is this an intruder? > > > I would be careful of using the wheel group to allow ssh > logins, as admins > typically use this group in sudoers file to grant root access > for non-root > users; granting the wheel group ssh logins as well as root access is > essentially allowing root access over ssh anyway; although an outside > attacker would at least have to guess the non-root user's id > and password. > > -----Original Message----- > From: Stephen Carville [mailto:stephen@xxxxxxxxxxxxxx] > Sent: Saturday, January 07, 2006 9:40 AM > To: General Red Hat Linux discussion list > Subject: Re: is this an intruder? > > Marty Landman wrote: > > > Not sure if I'm reading this right as this is new to me but > it appears > > someone in Denmark spent about 10 minutes trying a variety > of userid's > > to start an ssh session on my network gateway. > > Yep! If you do not need ssh, your best defense is to disable it. > > Otherwise. > > Turn off root login and designate a group for oter ssh > logins. At home > I just use "wheel." > > in /etc/ssh/sshd_config > > PermitRootLogin no > AllowGroups wheel > > Restart sshd > > Put you and anyone else who must have ssh access in the group wheel. > Make sure they have good passwords. > > Other possible changes are to only allow ssh protocol 2 and to change > the external port. Check 'Protocol", "Port" and > ListenAddress" in man > sshd_config. > > -- > Stephen Carville <stephen@xxxxxxxxxxxxxx> > Unix and Network Admin > Nationwide Totalflood > 6033 W. Century Blvd > Los Angeles, CA 90045 > 310-342-3602 > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > > www.preferredcare.org > "An Outstanding Member Experience," Preferred Care HMO Plans > -- J. D. Power and Associates > > Confidentiality Notice: > The information contained in this electronic message is > intended for the exclusive use of the individual or entity > named above and may contain privileged or confidential > information. If the reader of this message is not the > intended recipient or the employee or agent responsible to > deliver it to the intended recipient, you are hereby notified > that dissemination, distribution or copying of this > information is prohibited. If you have received this > communication in error, please notify the sender immediately > by telephone and destroy the copies you received. > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > ------------------------------ Message: 4 Date: Sat, 7 Jan 2006 13:18:52 -0800 From: "Allen K. Smith" <lazlor@xxxxxxxxxxxxxxxxxx> Subject: Re: encrypt password for Kickstart To: General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> Message-ID: <3274F295-E6CD-48D9-B6FD-122CCB1D83DB@xxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed openssl passwd -1 On Jan 7, 2006, at 10:35 AM, Kipp, Jim wrote: > Hi > I am preparing a kickstart cfg file for RHEL4. I would like to > encrypt > the root password using md5. > > "rootpw --iscrypted xxxxxxxxxxxxxx" > > What is the recommended method for creating the MD5 hash to use in the > above line in the cfg file? > > I checked the RH docs for kickstart but did not find anything > pertaining > to this. > > Thanks for any suggestions. > > Jim > > > > > > > > > > ********************************************************************** > ******* > This email may contain confidential or privileged information. If > you believe > you have received the message in error, please notify the sender > and delete > the message without copying or disclosing it. > ********************************************************************** > ******* > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list ------------------------------ Message: 5 Date: Sat, 7 Jan 2006 19:41:40 -0500 From: "Kipp, Jim" <jkipp@xxxxxxxxxxxxx> Subject: RE: encrypt password for Kickstart To: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx> Message-ID: <EC741B54812B5940AC1A6EFDFD011D0F0134BDF3@xxxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" Thanks, did find this on google. sorry for the wasted question ________________________________ From: redhat-list-bounces@xxxxxxxxxx on behalf of Allen K. Smith Sent: Sat 1/7/2006 4:18 PM To: General Red Hat Linux discussion list Subject: Re: encrypt password for Kickstart openssl passwd -1 On Jan 7, 2006, at 10:35 AM, Kipp, Jim wrote: > Hi > I am preparing a kickstart cfg file for RHEL4. I would like to > encrypt > the root password using md5. > > "rootpw --iscrypted xxxxxxxxxxxxxx" > > What is the recommended method for creating the MD5 hash to use in the > above line in the cfg file? > > I checked the RH docs for kickstart but did not find anything > pertaining > to this. > > Thanks for any suggestions. > > Jim > > > ************************************************************************ ***** This email may contain confidential or privileged information. If you believe you have received the message in error, please notify the sender and delete the message without copying or disclosing it. ************************************************************************ ***** ------------------------------ Message: 6 Date: Mon, 9 Jan 2006 02:38:16 +1030 From: Malcolm Kay <malcolm.kay@xxxxxxxxxxxxxxxx> Subject: Re: is this an intruder? To: redhat-list@xxxxxxxxxx Cc: "Bliss, Aaron" <ABliss@xxxxxxxxxxxxxxxxx> Message-ID: <200601090238.16300.malcolm.kay@xxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="iso-8859-1" On Sun, 8 Jan 2006 05:55 am, Bliss, Aaron wrote: > I would be careful of using the wheel group to allow ssh > logins, as admins typically use this group in sudoers file to > grant root access for non-root users; granting the wheel group > ssh logins as well as root access is essentially allowing root > access over ssh anyway; although an outside attacker would at > least have to guess the non-root user's id and password. > > -----Original Message----- > From: Stephen Carville [mailto:stephen@xxxxxxxxxxxxxx] > Sent: Saturday, January 07, 2006 9:40 AM > To: General Red Hat Linux discussion list > Subject: Re: is this an intruder? > > Marty Landman wrote: > > Not sure if I'm reading this right as this is new to me but > > it appears someone in Denmark spent about 10 minutes trying > > a variety of userid's to start an ssh session on my network > > gateway. > > Yep! If you do not need ssh, your best defense is to disable > it. > > Otherwise. > > Turn off root login and designate a group for oter ssh logins. > At home I just use "wheel." > This sounds dangerous -- wheel is normally an alternative to the root group introduced for compatibility with some forms of BSD where it is the base privileged group. Malcolm Kay > in /etc/ssh/sshd_config > > PermitRootLogin no > AllowGroups wheel > > Restart sshd > > Put you and anyone else who must have ssh access in the group > wheel. Make sure they have good passwords. > > Other possible changes are to only allow ssh protocol 2 and to > change the external port. Check 'Protocol", "Port" and > ListenAddress" in man sshd_config. > ------------------------------ __ redhat-list mailing list Unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list End of redhat-list Digest, Vol 23, Issue 9 ****************************************** Peter Baron Senior UNIX Administrator InterDigital Communications Corporation 2 Huntington Quadrangle 4th Floor, South Wing Melville, NY 11747-4508 Tel.: +1 631.622.4295 Fax: +1 631.622.0101 Email: Peter.Baron@xxxxxxxxxxxxxxxx http://www.InterDigital.com This e-mail is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and/or otherwise protected from disclosure to anyone other than its intended recipient. Unintended transmission shall not constitute waiver of any privilege or confidentiality obligation. If you received this communication in error, please do not review, copy or distribute it, notify me immediately by email, and delete the original message and any attachments. Unless expressly stated in this e-mail, nothing in this message or any attachment should be construed as a digital or electronic signature. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
