7. ACLs, Telnet, FTP, SSH/SCP, rexec
- The SSH Communications sshd has been installed and configured
on both machines.
- SSH and SFTP have been installed on the PC Cluster machines (thanks to
Ian (and Chris?) for this).
- Access to both via rexec has been blocked. (Most eXceed users
used rexec to connect until recently --- this was a security
nightmare as the Solaris in.rexecd (daemon) did not log anything!)
- The router-level ACLs have been changed for Eric (Peter S.); similar
changes are planned for Cosmos, but these are complicated by the
presence of the virus-scanner software and updates on
ftp.umist.ac.uk which currently points to Cosmos :
- Telnet and FTP access are blocked from outside
.umist.ac.uk. Telnet and FTP access will be totally
blocked at some point (when?).
- Access to Eric is now global --- via SSH/SCP only.
- Most ports are now blocked to both machines.
Issue: when is access to Telnet and FTP from within .umist.ac.uk
to be blocked?
Issue: when can we move ftp.umist.ac.uk off of Cosmos?
The presence of the virus-scanner software prevents us from blocking FTP
access for Cosmos.
About this document:
Produced from the SGML: /home/isd/public_html/_universe_project/_reml_grp/prog_report_2003Feb.reml
On: 20/2/2003 at 10:1:26
Options: reml2 -i noindex -l long -o html -p multiple