From owner-freebsd-questions@FreeBSD.ORG  Thu Jun 16 14:02:12 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6F78C16A432
	for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 14:02:12 +0000 (GMT)
	(envelope-from greg@grokking.org)
Received: from herbert.sohotech.ca (herbert.sohotech.ca [206.116.63.239])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 46E1943D53
	for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 14:02:11 +0000 (GMT)
	(envelope-from greg@grokking.org)
Received: from localhost (unknown [127.0.0.1])
	by herbert.sohotech.ca (Postfix) with ESMTP id 0197C180C39
	for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 07:02:11 -0700 (PDT)
Received: from herbert.sohotech.ca ([127.0.0.1])
	by localhost (herbert.sohotech.ca [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 96391-01 for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 07:02:09 -0700 (PDT)
Received: from [192.168.1.4] (niven.sohotech.ca [192.168.1.4])
	by herbert.sohotech.ca (Postfix) with ESMTP id 95D9D175C35
	for <freebsd-questions@freebsd.org>;
	Thu, 16 Jun 2005 07:02:09 -0700 (PDT)
Message-ID: <42B18661.6010101@grokking.org>
Date: Thu, 16 Jun 2005 07:02:09 -0700
From: Greg Maruszeczka <greg@grokking.org>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050404)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <d8rujc$b4p$1@sea.gmane.org>
In-Reply-To: <d8rujc$b4p$1@sea.gmane.org>
X-Enigmail-Version: 0.92.0.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at sohotech.ca
Subject: Re: Remote server warnings
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jun 2005 14:02:12 -0000

Jonathan Arnold wrote:
> I'm going to be moving my server to a remote site, where I'll only
> be able to ssh to it for any kind of service.  It has been local,
> hooked up via a KVM switch, so it will be a new setup for me.
> 
> What sorts of problems should I keep an eye out for? What kind of
> setup should I have?  I've turned on ssh. What else should I do?
> How hard will it be to update my system remotely?
> 
> Thanks in advance for any help you can provide.
> 


Use rsa/dsa keys and disable password auth in sshd_config.

You can generally do port upgrades via ssh without issue. Obviously you
have to be careful when performing major updates like `make world` where
it's usually recommended that you drop to single-user mode before
installing world. Some folks claim they do the whole make world dance by
remote and just don't reboot or drop to single-user mode. Personally,
I'd never do this on a production box but I recall some good discussion
on this list a few months ago about this very topic. Check the archives
if you're interested.

G