From owner-freebsd-newbies@FreeBSD.ORG Mon Jan 17 22:39:42 2005 Return-Path: Delivered-To: freebsd-newbies@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7B85116A4CE for ; Mon, 17 Jan 2005 22:39:42 +0000 (GMT) Received: from smtp805.mail.sc5.yahoo.com (smtp805.mail.sc5.yahoo.com [66.163.168.184]) by mx1.FreeBSD.org (Postfix) with SMTP id E6CFD43D45 for ; Mon, 17 Jan 2005 22:39:41 +0000 (GMT) (envelope-from krinklyfig@spymac.com) Received: from unknown (HELO smogmonster.com) (jtinnin@pacbell.net@67.116.52.197 with login) by smtp805.mail.sc5.yahoo.com with SMTP; 17 Jan 2005 22:39:41 -0000 From: Joshua Tinnin To: freebsd-newbies@freebsd.org Date: Mon, 17 Jan 2005 14:39:40 -0800 User-Agent: KMail/1.7.2 References: <41EC2790.4090500@finnovative.net> <41EC2880.3070905@wingfoot.org> <41EC2CFA.2020009@finnovative.net> In-Reply-To: <41EC2CFA.2020009@finnovative.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200501171439.41285.krinklyfig@spymac.com> cc: Joaquin Menchaca Subject: Re: HELP: how to enable telnet? X-BeenThere: freebsd-newbies@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Gathering place for new users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jan 2005 22:39:42 -0000 On Monday 17 January 2005 01:24 pm, Joaquin Menchaca wrote: > Glenn Sieb wrote: > > Joaquin Menchaca said the following on 1/17/2005 4:01 PM: > >> Just some questions about telnet. I just installed FreeBSD. I > >> want to setup so that I can telnet into it and do some work on it > >> (as it'll be the server for the house) > > > > Telnet is a highly insecure solution. It has generally been > > replaced with ssh (Secure SHell). > > Hi. Then how can I get SSH working? I can use this. My target > client platform now is Mac OS X, so interoperability between FreeBSD > and Mac OS X is smoother. ssh is included in the base install. You can either enable it through your /etc/rc.conf: sshd_enable="YES" ... or you can start it by: /etc/rc.d/sshd start You should read up on this before you use it, as you want to decide what sort of authentication you need. The handbook has some documentation, as well as man ssh, man sshd, man ssh-agent, etc. > However, later I want to use Windows XP/2K3. They have decent ssh > client support through tools like putty, but I don't know any good > sshd solution on Windows. I don't know if installing a new OS is an option, but any home Windows OS pre-2000 is not secure in the first place (i.e., ME, 98, 95). I would not use any of them if security is a consideration. BTW, PuTTY works very well, as does installing Cygwin so you can use its tools (though that is a bit overkill, maybe). > Windows can secure insecure applications through through IPSec. This > might be similar to kerberorized tools in Solaris and stunnel for > others. Eventionally, I want to play with them all, feret out which > ones are painful, which ones are the best, and what ones work between > platforms (linux vs. solaris vs. freebsd vs macos vs windows). :-> > > One complaint I've heard with SSH though is that bad stuff can still > get through a firewall, such as a downloading of a known > trojan/virus, can cannot get stripped out. Whereas, SSL could > potentially get stipped out. Well, ssh assumes you know what you're doing, as it just provides a secure mechanism. You can tunnel it, though. > Anyways, I'm far from that point yet. I just need some sort of > access into the box. I'm behind a firewall. You should probably open up a port for ssh if you can, and if I were you I'd configure ssh to use a high-numbered port instead of the default - open up this same port on your firewall for tcp, preferably with stateful inspection. - jt