[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sheflug] another surprisingly basic question
>>>>> "Ian" == Ian Wright <Ian [at] iw63.freeserve.co.uk> writes:
Ian> I have installed ssh onto a RH6.2 machine from the rpm and it
Ian> has installed in the /usr/local/bin/ directory.
I take it this is not a Red-Hat-distributed RPM? There's no good
reason for this if it is RH.
Ian> So, how can I avoid having to either type /usr/local/bin/ssh
Ian> or navigate to the directory and type ./ssh? What I mean is
Ian> what do I have to do to make it so I can just type ssh in the
Ian> default (/root) terminal window?
First, make sure that you want to do this as root. There's really no
need in most cases; you can do "ssh -l root $REMOTE_HOST" to log in as
root on the remote host---you don't need to be root locally. I would
advise keeping the secrets on floppy or CD-ROM, and doing something
like "ssh -l root -i /floppy/identity $HOST" if you're very worried
about maintaining remote security.
/usr/local/bin is often untrustworthy[1]; if you are the only user on
your machine, you can simply put
PATH=$PATH:/usr/local/bin
in root's ~/.profile (or whatever). Probably preferable, even if you
have many such utilities in /usr/local/bin, is to use explicit aliases
or shell functions instead:
alias ssh /usr/local/bin/ssh
function ssh () { /usr/local/bin/ssh "$ [at] "; }
either will do. If you really want to do this as root, you probably
want to alias /usr/local/bin/scp, too.
Ian> It also appears that I have two versions of ssh in the
Ian> directory with executables 'ssh' and 'ssh2' - what is the
Ian> difference between them - should I delete one? Replies
Ian> suitable for a simpleton please - it hasn't been a good
Ian> weekend ;o{ Thanks,
ssh is the version 1 protocol, ssh2 is the version 2 protocol. You
probably don't want to delete either (neither speaks the other's
language, as it were). ssh v1 is free, ssh v2 is not-quite-free (no
commercial use license).
Most people I know use ssh 1, I don't think there's that much
difference between them in security terms (v2's defaults may be such
that it is easier to configure a more secure system). Modulo
Richard's belief that MI6 and the US NSA can crack all the available
crypto faster than the average Joe can send it over the wire, of
course.
Footnotes:
[1] Not just crackers -- self-built software often has bugs in it.
Say, of the rm -rf / variety ... you don't want root using stuff you
don't know has been extensively tested unawares.
--
University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences Tel/fax: +81 (298) 53-5091
_________________ _________________ _________________ _________________
What are those straight lines for? "XEmacs rules."
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.