[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

RE: security

SDUPUIS SDUPUIS@bouyguestelecom.fr
Tue, 18 Apr 2006 08:34:37 -0700 (PDT)


 
>> when Conserver is running, no othe user can telnet to the ports that Conserver controls.

It's enought for me, I find this feature an hour ago, thanks :)

>>It may be helpful if you can email the users list again, with the type of 
SUN gear, and which Solaris (or other OS)

In fact, the problem was in the CS 9000 ! After set it up corectly,
(using the command : "set server break on") The pre-configured halt
sequences are now working, and I was abble to return to the "ok" prompt
anytime :)

Thanks again for answer me, It's seems I should have made more tests before asking.



-----Message d'origine-----
De : Harris, David (SBS US) [mailto:david.k.harris@siemens.com] 
Envoyé : mardi 18 avril 2006 17:06
À : DUPUIS, Stéphane
Objet : RE: security

  It may be helpful if you can email the users list again, with the type of 
SUN gear, and which Solaris (or other OS) you are using, because newer Solaris
has some extra options for HALTing the machine.

  While telnet is weak, when Conserver is running, no othe user can telnet to
the ports that Conserver controls. Try this! This one-at-a-time access may be
enough for you, since Conserver should always be in control of those ports. 

  There is a way to invoke a chat (send/expect) script, but I forget the syntax.
I hope another will answer you to the group, or look in the examples that were
Included in the Conserver package. :-)

    Regards,

       -Z-

-----Original Message-----
From: users-bounces@conserver.com [mailto:users-bounces@conserver.com] On Behalf Of SDUPUIS@bouyguestelecom.fr
Sent: Tuesday, April 18, 2006 2:11 AM
To: users@conserver.com
Subject: security

Hi again,

After a few days of efforts and hard work... my basic configuration work ! :) We are using a perle CS 9000, and I can conect to it (telnet perle 10001 for the first port, 10002 for the second and so on) using conserver, that's rock !

But, we wanted to use conserver for security, and only allow people in the /etc/conserver.passwd file to access the console.

So, I need to set the security on in the CS 9000, so a telnet to the port 10001 now ask for a passwd before conecting. I also add a user with grant to access to the port. That's working ok.
But I don't know how to tell conserver, that it need to authenticate itself, using this login/passwd during the telnet session...

Any hint on this subject ?
the perle CS 9000 can also use ssh, but I don't know yet what to put in conserver.cf to use ssh instead of telnet.


Last unrelated thing, if someone can give me the break sequence to use for the SUN "Stop-A" command... 

Thanks !
 
Stephane Dupuis
DCSI/DEQS/HSI/HEI/INX...LINUX !
Bouygues Telecom
Tel    : 01 39 26 21 79
Mobile : 06 64 19 78 63
--
()  ascii ribbon campaign
/\      - against html e-mail 
        - against microsoft attachments

____________________________________________________________

L'integrité de ce message n'étant pas assurée sur Internet, Bouygues Telecom ne peut être tenue responsable du contenu de ce message ainsi que des pièces jointes à ce message. Toute utilisation ou diffusion non autorisée est interdite. Si vous n'êtes pas destinataire de ce message, merci de le détruire et d'avertir l'expéditeur.

The integrity of this message cannot be guaranteed on the Internet. Bouygues Telecom cannot therefore be considered liable for the contents including its attachments. Any unauthorized use or dissemination is prohibited. If you are not the intended recipient of this message, then please delete it and notify the sender. 
____________________________________________________________


_______________________________________________
users mailing list
users@conserver.com
https://www.conserver.com/mailman/listinfo/users

____________________________________________________________

L'integrité de ce message n'étant pas assurée sur Internet, Bouygues Telecom ne peut être tenue responsable du contenu de ce message ainsi que des pièces jointes à ce message. Toute utilisation ou diffusion non autorisée est interdite. Si vous n'êtes pas destinataire de ce message, merci de le détruire et d'avertir l'expéditeur.

The integrity of this message cannot be guaranteed on the Internet. Bouygues Telecom cannot therefore be considered liable for the contents including its attachments. Any unauthorized use or dissemination is prohibited. If you are not the intended recipient of this message, then please delete it and notify the sender. 
____________________________________________________________