Berkeley CSUA MOTD:Entry 14655
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/04/03 [General] UID:1000 Activity:popular
4/3     

1998/9/23-24 [Computer/SW/Security] UID:14655 Activity:high
9/22    Any chance of getting ssh2 installed? not clobber ssh1, but just
        have ssh2 available so that we might be able to access other
        systems, pretty please? I'll do it if you gimme the root passwd!
        \_ You don't need to be root.  Just compile it in your home directory
           and delete the source tree once you'r done.  The README tells you
           how to do it.  Or better, put it in some shared directory so
           everyone has access to it.  The only bummer is that you can't get
           the daemon to work without being root.
        \_ What's the diff?
                \_ ssh2 uses the ssh 2.0 protocol which is more secure
                   some ssh2 servers won't accept ssh1 connections
                   \_ does that mean that they won't accept telnet/rlogin
                      sessions since those are less secure.  An ssh2.0
                      only server - that's unheard of.  Stop tabbing so
                        \_ It's what you get if you install sshd2 and don't
                           set it up to call sshd1 to handle old connections.
                           The sshd2 software only knows how to handle ssh 2.0
                           protocol.
                      far to the right.
                      \_ It's not unheard of and it makes great sense. --dim
                        \_ Some cs servers (like torus.cs) only accept ssh
                           & kerberos connections - no normal telnet/rlogin
                           \_ This is a good policy and should be expanded
                              (at least when there are more free
                              implementations of SSH).
           \_ originally, there was a problem with the ssh2 licensing that
              made it okay (without paying for licensing) to say have sshd
              running on a machine if say people were going to login and
              use the machine for homework but not necessarily so for
              machines like restricted access fileservers and nameservers
              that only administrative people needed (or could) log into.
              This may have changed since ssh2 was first released. --jon
              \_ It's still quite far from a free software license.  See
                 /tmp/SSH-LICENSE, if you want all the gory details; there
                 is a project to create a genuinely free replacement. -- schoen
ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/04/03 [General] UID:1000 Activity:popular
4/3     

You may also be interested in these entries...
2013/10/24-11/21 [Computer/Companies/Apple] UID:54747 Activity:nil
9/19    "No, A Severed Finger Will Not Be Able to Access a Stolen iPhone 5S"
        http://mashable.com/2013/09/15/severed-finger-iphone-5s
        I'm sure the Apple QA department has tested extensively that a severed
        finger will not be able to access a stolen iPhone 5S.
        \_ It doesn't matter whether or not a severed finger can be used.  It
           matters whether or not a robber thinks that a severed finger can be
	...
2013/6/6-7/31 [Politics/Foreign/Asia/China, Computer/SW/Security] UID:54690 Activity:nil
6/6     Wow, NSA rocks. Who would have thought they had access to major
        data exchangers? I have much more respect for government workers,
        crypto experts, mathematicans now than ever.
        \_ flea to Hong Kong --> best dim-sum in the world
           \_ "flee"
        \_ The dumb ones work for DMV, the smart ones for the NSA. If you
	...
2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil
8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...
2012/9/20-11/7 [Computer/SW/Unix, Finance/Investment] UID:54482 Activity:nil
9/20    How do I change my shell? chsh says "Cannot change ID to root."
        \_ /usr/bin/chsh does not have the SUID permission set. Without
           being set, it does not successfully change a user's shell.
           Typical newbie sys admin (on soda)
           \_ Actually, it does: -rwsr-xr-x 1 root root 37552 Feb 15  2011 /usr/bin/chsh
	...
2012/9/24-11/7 [Computer/SW/Languages, Computer/SW/Unix] UID:54484 Activity:nil
9/24    How come changing my shell using ldapmodify (chsh doesn't work) doesn't
        work either? ldapsearch and getent show the new shell but I still get
        the old shell on login.
        \_ Scratch that, it magically took my new shell now. WTF?
           \_ probably nscd(8)
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/5/8-6/4 [Computer/SW/Unix] UID:54383 Activity:nil
5/8     Hello everyone!  This is Josh Hawn, CSUA Tech VP for Spring 2012.
        About 2 weeks ago, someone brought to my attention that our script
        to periodically merge /etc/motd.public into /etc/motd wasn't
        running.  When I looked into it, the cron daemon was running, but
        there hadn't been any root activity in the log since April 7th.  I
        looked into it for a while, but got lost in other things I was
	...
2012/2/9-3/26 [Computer/SW/Security, Computer/SW/Unix] UID:54305 Activity:nil
2/9     Reminder: support for mail services has been deprecated for *several
        years*. Mail forwarding, specifically .forward mail forwarding, is
        officially supported and was never deprecated.
        \_ There is no .forward under ~root.  How do we mail root and how do
           we get responses?
           \_ root@csua.berkeley.edu is and always has been an alias.
	...