LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 12-02-2004, 11:39 AM   #1
humpton
LQ Newbie
 
Registered: Aug 2003
Posts: 2

Rep: Reputation: 0
Updating /etc/aliases remotely


Hi there.

I have my own mail server running on a Debian Machine.

I currently have about 200 eMail aliases (one for every website I've ever been asked to provide an eMail address for - and surprisingly, I've only caught one of them as having given my address away). I'm continually adding more...

I'm currently at work and found something I'd like to subscribe to. Catch is, they send out the confirmation eMail which I need to respond to before it all happens. I can't get into my machine from anywhere other than the console (yeah, I'm a little nervous) so can't do this until I get home but would like to complete the sign up now. This is not the first time I've had this small dilema.

After all that, my question is, is there a way I can update my /etc/aliases (and of course running newaliases too) file without logging into the machine? My imagination tells me that I could eMail a special account within the server and it would scan the message, pull out the new alias(es), add it(them) to /etc/aliases, run newaliases, eMail me back to tell me it's done.

Am I dreaming? If not, my question then switches to asking for help on writing this script.

So, any thoughts?
Of course, ignore me if I'm way out of the realms of reality...

Stay JOLLY!
H
 
Old 12-02-2004, 12:46 PM   #2
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu ; CentOS ; Raspbian
Posts: 12,613

Rep: Reputation: 69
Well you probably could do something like this, but more so, what's the point? You can just as easily ssh into your box at home, and remote access the terminal as if you were right there in front of it. Check out openssh.org for more info, but it's really a lot easier than it will read. Install, port forward 22 to the that box, and then (assuming you are on a windows box at work) grab putty.exe (google for putty, it's the second choice) and go.

Cool
 
Old 12-03-2004, 06:19 AM   #3
humpton
LQ Newbie
 
Registered: Aug 2003
Posts: 2

Original Poster
Rep: Reputation: 0
Thanks. I appreciate your thoughts!

I do know about ssh, not your specific client recommendation though.

However, the main reason for asking this question the way I did, is that I don't want to open up port 22. I only have my mail and http ports open.

Stay JOLLY!
H
 
Old 12-03-2004, 07:49 PM   #4
linuxles
Member
 
Registered: Mar 2004
Location: Austin, TX
Distribution: CentOS Fedora RHEL SLES Knoppix
Posts: 78

Rep: Reputation: 15
I agree w/MasterC, use SSH.

I wouldn't want an automated script updating critical system files on my behalf.

Having port22 open is way more secure than having port 25 or http open...

And if you set it up the way I do, it's almost impossible for someone else to
get in via SSH.


Edit the /etc/ssh/sshd_config file and make three changes.

For the first change; force all connections to use SSH2, it is newer and more
secure than SSH1. Unless you are using an older distro that only has protocol 1,
you won't need the latter.

Make a copy of the following line (uncomment it) and remove the 1.

#Protocol 2,1
Protocol 2

Next; do not allow root to log in directly. Force someone to log in as a regular
user, then "su -" to root...

#PermitRootLogin yes
PermitRootLogin no

Last, but most important; change the port that SSH is expecting connections on:

#Port 22
Port XX    (where XX = your new portnumber)

See http://dshield.org/ and pick a port number that has nothing else running on it.
Then change the port num to that.

Here's an example of a port that has nothing assigned to it, and no viruses/trojans
are targeted at it. http://dshield.org/port_report.php?port=60 Change the 60 to
some other port number (like 59) to see a slightly different example (trojan).

Note: Do not change the /etc/services file. This way incoming SSH connections still
get directed to port 22 (which will fail).

Now, not only does someone have to know that you are accepting SSH connections,
but they also have to know which port it is running on...

To initialize the changes, restart sshd:

# /etc/init.d/sshd restart

And don't forget to open up a hole in the firewall for the new port number that you've
assigned to SSH.

---

To log in via SSH on a different port than the default, use the -p option:

# ssh -p XX hostname

To test, try:

$ ssh localhost
ssh: connect to host localhost port 22: Connection refused

$ ssh -p XX localhost
The authenticity of host 'localhost (127.0.0.1)'... <snip>

---
More: If you really want to be anal, you could even put specific host info into
the /etc/hosts.allow and hosts.deny file and only allow certain hosts to connect
via SSH, etc...

HTH,
/Les

Last edited by linuxles; 06-16-2005 at 03:25 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
where do ALIASes go? toaster.waffle Linux - General 1 05-19-2005 05:43 PM
Aliases Red Squirrel Linux - Software 2 05-10-2005 06:58 PM
aliases depaul Linux - Software 23 07-30-2003 06:49 PM
what aliases do you use most? m0rl0ck Linux - General 17 02-12-2003 01:25 AM
Aliases Atroxic Linux - General 3 02-09-2002 12:49 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 12:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration