[TriLUG] looking for good read-only linux

Jon Carnes jonc at nc.rr.com
Mon Jan 30 22:43:36 EST 2006


I do this to manage my remote voice networks.

I have a server setup (running Mandrake with msec in paranoid mode) that
allows me SSH in as user (not as root) but only using keys - no
passwords. From there I can jump around internally and do what needs to
be done.

I also run a script called DenyHosts on the box. this looks at any IP
address trying to gain ssh access and then firewalls away that IP on the
third strike. Since I'm using Keys to login there isn't much chance that
I will accidentally setup the script and lock out my IP.

Jon

On Mon, 2006-01-30 at 20:49, Greg Brown wrote:
> All:
> 
> After screwing up my outer banks server for the last time I have elected to
> go with a read-only ssh gateway of sorts for my remote network.  I have a
> three port x86 compatible device with a CF reader that I can use for this
> project.  I have searched a bit for various distributions and have turned up
> a few but I wanted to ping the list to see what was you used.  My
> requirements are:
> 
> 1. read only
> 2. ssh server
> 3. squid would be nice, but not required
> 4. nmap
> 
> That's about it.  This device will have two interfaces and one will be the
> interface the firewall forwards ssh requests to.  Once I'm logged in I can
> hop around to the other APs or ssh devices as needed.
> 
> Suggestions?
> 
> Greg




More information about the TriLUG mailing list