LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-07-2012, 08:08 PM   #31
ph0rty
LQ Newbie
 
Registered: Sep 2012
Distribution: OpenSUSE, CentOS, RHEL
Posts: 8

Rep: Reputation: Disabled

if you are INSISTANT in using email (despite all these lovely peoples warnings)
your answer lies within the magic of procmail

one can quite easily accept 'commands' in the form of message body, providing the subject line contains $(something secret or keywords) and is only received from a particular email address ** can be forged easily, so make use of the full headers for validation checks.

have fun testing, but dont make it live on a production server. email is inherently insecure, in many many ways.
We used to use this procmail method to open a reverse ssh tunnel back into the office many years ago to bypass the inbound firewall, and it worked like a charm!
(nowadays with keys/certs and openvpn, its not required to be devious )
 
Old 11-07-2012, 08:42 PM   #32
evgenyz
Member
 
Registered: Sep 2012
Posts: 48

Original Poster
Rep: Reputation: Disabled
Thanks!
But I already found a new product from alessoft.com that provides the needed level of protection on the system resources.
I installed a trail version on my server it work excellent! I can control several Linux boxes and the PC as well from the single control station just by sending simple email messages. The system authenticates me and allows me to perform only the subset of commands I set up in configuration. Actually I can configure it to perform just 2 or 3 commands/scripts to control my application only (start/stop/status e.t.c.) or to assign a full set of Linux command except shutdown, reboot and rm for example. So the configuration options are amazing and it just opened a new world for me..
This company is just came up with this product and no one is know about the yet... I just know about them from my friend who knows their developer...
 
Old 11-07-2012, 10:29 PM   #33
slimm609
Member
 
Registered: May 2007
Location: Chas, SC
Distribution: slackware, gentoo, fedora, LFS, sidewinder G2, solaris, FreeBSD, RHEL, SUSE, Backtrack
Posts: 428

Rep: Reputation: 65
Not sure how the product will work out for you but this is certainly doable. Generate client certificates and server certificates from the same root server. You can then send encrypted emails to an address that you created to receive the emails and using PKI send everything over encrypted so if someone were to intercept it they would only have the TO address and the subject. The body (with the commands) would be encrypted and only to be decrypted by the address on the server which only you hold the private key for on the server.
 
Old 12-06-2012, 06:56 AM   #34
evgenyz
Member
 
Registered: Sep 2012
Posts: 48

Original Poster
Rep: Reputation: Disabled
This new tool now provides end-to-end message encryption without PKI, so the content of command and the answer from server are transferred securely.
 
Old 05-22-2013, 05:25 AM   #35
ne0shell
LQ Newbie
 
Registered: May 2010
Posts: 21

Rep: Reputation: 0
Quote:
Originally Posted by evgenyz View Post
This new tool now provides end-to-end message encryption without PKI, so the content of command and the answer from server are transferred securely.
Could you post some more info to help other users, possible? The website you list is down apparently so either bad link or site has gone offline.
 
Old 05-22-2013, 08:53 PM   #36
evgenyz
Member
 
Registered: Sep 2012
Posts: 48

Original Poster
Rep: Reputation: Disabled
The web site is https://www.alessoft.com
Let me know if can access it.
 
Old 02-01-2014, 01:29 PM   #37
nettmaus
LQ Newbie
 
Registered: Feb 2014
Posts: 2

Rep: Reputation: Disabled
Quote:
Originally Posted by evgenyz View Post
I'm looking for secured way to send command by email to my remote Linux server for execution. Is anybody familiar with such tool?

Thanks
I have been researching the same concept, and had been focusing on PGP to avoid spoof / hijack attempts. I came across this solution. I am sure there is more out there:

http://www.devx.com/opensource/Article/38547

My idea was to send an encrypted request (and PGP is even available on droid tablets now), and have an isolated server with its own mail account process the request. Results would then be sent from serveR via encrypted message to the originator of the request.

With a minimum of capital outlay.

Benefits, I think are multifold: mainly a way to tunnel through carrier grade NAT; BUT ALSO allowing access to SOHO systems. or from otherwise limited devices (i.e. devices with only SMS or mail capabilities), or communication between automated servers through a commonly allowed service (POP3).

In the end, the issue requires this:

Secure authentication and transmission of traffic.
Batch execution, or if not, some way to track state.

Last edited by nettmaus; 02-01-2014 at 01:46 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to collecting email from remote POP3 server and delivery to local users skc Linux - Server 3 07-13-2011 04:21 AM
what is the best way using remote control to control rhel server? hocheetiong Linux - Newbie 1 11-02-2007 03:10 AM
Remote Control Server RySk8er30 Linux - Software 2 04-01-2005 03:48 PM
Email Server for remote users, can it be secure? javiergt Linux - Software 2 02-04-2005 09:44 AM
remote control for x server kermit Linux - Software 3 07-10-2002 08:48 AM


All times are GMT -5. The time now is 07:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration