Entry 22544 (Berkeley CSUA MOTD)

Berkeley CSUA MOTD:Entry 22544

WIKI \| FAQ \| Tech FAQ
`http://csua.com/feed/`

2025/04/03 [General] UID:1000 Activity:popular

4/3

2001/9/20 [Computer/SW/Security] UID:22544 Activity:very high

9/20   A problem for you:  Tom is NATed behind a firewall.  He SSHes out to a
       remote machine which is ALSO NATed and behind a firewall.  (the remote
       FW has a redirect to the remote internal machine which is how he can
       ssh to there).   Tom would like to run an X-term on the remote machine
       and have it (tunnled through ssh obviously) display on his local machine.
       Assuming he has root on the remote box and his box, but that any access
       to either firewall (especially the remote one) involves painful red-tape,
       What is the easiest way for tom to accomplish his objective.
        \_ "X11Forwarding yes" in your sshd_config and use "ssh -X" to
            get to machines.
                \_ Error: Can't open display:
        \_ chances are your error is unrelated to the NATing.
           \_ I agree with my esteemed collegue.
           \_ It is more likely due to your broken ass boxes
           \_ Indeed.  If you can ssh successfully, it can forward X.

ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/04/03 [General] UID:1000 Activity:popular

4/3

You may also be interested in these entries...

2013/10/24-11/21 [Computer/Companies/Apple] UID:54747 Activity:nil

9/19    "No, A Severed Finger Will Not Be Able to Access a Stolen iPhone 5S"
        http://mashable.com/2013/09/15/severed-finger-iphone-5s
        I'm sure the Apple QA department has tested extensively that a severed
        finger will not be able to access a stolen iPhone 5S.
        \_ It doesn't matter whether or not a severed finger can be used.  It
           matters whether or not a robber thinks that a severed finger can be
	...

2013/6/6-7/31 [Politics/Foreign/Asia/China, Computer/SW/Security] UID:54690 Activity:nil

6/6     Wow, NSA rocks. Who would have thought they had access to major
        data exchangers? I have much more respect for government workers,
        crypto experts, mathematicans now than ever.
        \_ flea to Hong Kong --> best dim-sum in the world
           \_ "flee"
        \_ The dumb ones work for DMV, the smart ones for the NSA. If you
	...

2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil

8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...

2012/9/20-11/7 [Computer/SW/Unix, Finance/Investment] UID:54482 Activity:nil

9/20    How do I change my shell? chsh says "Cannot change ID to root."
        \_ /usr/bin/chsh does not have the SUID permission set. Without
           being set, it does not successfully change a user's shell.
           Typical newbie sys admin (on soda)
           \_ Actually, it does: -rwsr-xr-x 1 root root 37552 Feb 15  2011 /usr/bin/chsh
	...

2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil

8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...

2012/5/8-6/4 [Computer/SW/Unix] UID:54383 Activity:nil

5/8     Hello everyone!  This is Josh Hawn, CSUA Tech VP for Spring 2012.
        About 2 weeks ago, someone brought to my attention that our script
        to periodically merge /etc/motd.public into /etc/motd wasn't
        running.  When I looked into it, the cron daemon was running, but
        there hadn't been any root activity in the log since April 7th.  I
        looked into it for a while, but got lost in other things I was
	...

2012/2/9-3/26 [Computer/SW/Security, Computer/SW/Unix] UID:54305 Activity:nil

2/9     Reminder: support for mail services has been deprecated for *several
        years*. Mail forwarding, specifically .forward mail forwarding, is
        officially supported and was never deprecated.
        \_ There is no .forward under ~root.  How do we mail root and how do
           we get responses?
           \_ root@csua.berkeley.edu is and always has been an alias.
	...

2011/9/14-12/28 [Computer/SW/Unix] UID:54172 Activity:nil

9/12    We've restored CSUA NFS to something vaguely resembling normal
        functionality -- plus, with some luck, we should now have something
        vaguely resembling normal uptime, too!  Ping root@csua.org if you
        notice any problems.  --jordan
--------------------------------------------------------------------------------
        \_  Oh, and http://irc.CSUA.Berkeley.EDU is online again.
	...