 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>>> So how exactly would I transfer a file to you from my Windows?
>
>> You can't. My PC is firewalled.
>
>> You also can't transfer a file using Unix, for the same reason.
>
> Most firewalls have the ssh port open because it's considered safe.
> (And if it's not, it's easy to open in most distros).
>
> Then you can use scp, rsync or any equivalent tool to transfer files.
> (There probably isn't any linux distro that doesn't come by default with
> scp and rsync.)
No, I mean there's a *hardware* firewall in the way. You know, with the
big Cisco sticker on it and the 3-digit price tag? (Although obviously
that's only because I'm at work right now. My house doesn't have one of
those...)
> (Btw, the great thing about rsync is that it can resume interrupted file
> transfers, a rather important feature that, oddly, most file transfer tools
> completely lack.)
It's certainly an important feature. And yes, lots of tools seem to lack it.
I was under the impression that HTTP (and possibly FTP) support resuming
partial downloads. (But not all servers bother to implement this.)
Actually, I was wondering... can you use rsync to synchronise, say, the
files on an external storage device? Or does it only work if the other
endpoint is a *computer*?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> Terminal Services is where you have an expensive server-class version of
>> Windows, you install all your complicated applications on that, and then
>> end users use their Windows-based desktop PC to log into the server and
>> run the applications on that. In other words, each desktop PC becomes
>> essentially a dumb terminal for connecting to the server where the
>> applications actually run.
>
> Nope, that's Citrix (it may have changed names since MS acquired them,
> but everyone in the industry still calls it Citrix) and it runs on a
> different port than RDP. Terminal Services is the service running on the
> remote machine that receives the connection from MSRTC.EXE running on
> your computer to allow remote desktop connections.
As far as I'm aware, Citrix is a completely different product made by a
completely different company. Terminal Services is just another instance
of the general RDP protocol.
>> Remote Desktop is where you log in to a remote desktop system in the
>> same way you'd log in to it remotely. Except... it's remote. To anybody
>> looking at the desktop locally, it just looks like the system is locked.
>> Because it's a /desktop/ system, only one user can be logged in to it at
>> once, remotely or locally.
>
> Nein. You can have two remote sessions on top of the "console" session
> on a machine running Terminal Services. since NT4.
Now reread what I wrote. For a *desktop* edition of Windows, you can
only have one user logged in at once. (Because, let's face it, otherwise
why would companies pay 400x more for the server version?)
>> What all these systems have in common is that one computer is displaying
>> the video output of another. Like a remote X session. Except that it
>> also connects the sound card, network drives, printers [but that never
>> ****ing works properly], clipboard, and probably a few other things as
>> well.
>
> Sound card, printers, clipboard and drive mappings are all optional and
> off by default, on the client side.
Really? It appears that they're all *on* by default in my testing...
Or maybe they changed it in some version of the RDP client? I know
printing used to require that the same printer drives (*exactly* the
same printer drivers) are installed on client and server, whereas now it
works without that.
> So why were you griping about having to install ssh because X11 was
> unencrypted?
>
> The VPN tunnel also allows you to bypass the NAT done by your company's
> firewall.
Puzzling thing: There are many, many SSH clients for Windows. There are
no SSH *servers*. And I have literally no idea why.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> So you're seriously telling me that with a default Linux install, not
>> only is an ssh server installed, but it's actually configured to allow
>> incoming connections and service them? And that X will actually work in
>> this configuration?
>
> I don't remember if sshd is enabled by default on OpenSuse, but it's
> as easy to enable as doing a couple of mouse clicks (and typing the root
> password, so that yast can perform the system modifications). IIRC it even
> offers you to automatically open the ssh port on the firewall.
Damn. Setting up SSH has got a whole lot easier than when I tried to do
it with Debian a few years ago.
I'm presuming it defaults to password authentication though? As I
recall, half the trouble was figuring out how to permanently and
irrevocably disable password authentication and *only* allow public key
authentication. (For one thing, you have to work out how to create a
keypair...)
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 13/09/2011 03:21 PM, Invisible wrote:
>>> Terminal Services is where you have an expensive server-class version of
>>> Windows,
>>
>> Nope, that's Citrix (it may have changed names since MS acquired them,
>> but everyone in the industry still calls it Citrix) and it runs on a
>> different port than RDP. Terminal Services is the service running on the
>> remote machine that receives the connection from MSRTC.EXE running on
>> your computer to allow remote desktop connections.
>
> As far as I'm aware, Citrix is a completely different product made by a
> completely different company. Terminal Services is just another instance
> of the general RDP protocol.
http://en.wikipedia.org/wiki/Remote_Desktop_Services
Terminal Services most definitely *is* RDP. So is Remote Assistance.
Exactly as I claimed.
http://en.wikipedia.org/wiki/Citrix
Citrix was not "acquired" by MS at all.
MS got the idea for Terminal Services from Citrix, but the actual wire
protocol appears to be derived from PictureTel.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Invisible <voi### [at] dev null> wrote:
> >>> So how exactly would I transfer a file to you from my Windows?
> >
> >> You can't. My PC is firewalled.
> >
> >> You also can't transfer a file using Unix, for the same reason.
> >
> > Most firewalls have the ssh port open because it's considered safe.
> > (And if it's not, it's easy to open in most distros).
> >
> > Then you can use scp, rsync or any equivalent tool to transfer files.
> > (There probably isn't any linux distro that doesn't come by default with
> > scp and rsync.)
> No, I mean there's a *hardware* firewall in the way. You know, with the
> big Cisco sticker on it and the 3-digit price tag? (Although obviously
> that's only because I'm at work right now. My house doesn't have one of
> those...)
And that hardware firewall is completely incapable of forwarding ssh
connections? Pretty useless, I'd say.
> Actually, I was wondering... can you use rsync to synchronise, say, the
> files on an external storage device? Or does it only work if the other
> endpoint is a *computer*?
Try http://en.wikipedia.org/wiki/Rsync
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> No, I mean there's a *hardware* firewall in the way. You know, with the
>> big Cisco sticker on it and the 3-digit price tag? (Although obviously
>> that's only because I'm at work right now. My house doesn't have one of
>> those...)
>
> And that hardware firewall is completely incapable of forwarding ssh
> connections? Pretty useless, I'd say.
No, I don't have the password to configure it. (And besides, have *you*
tried configuring Cisco stuff? It's not exactly intuitive. You probably
need Certified Engineer status to figure it out.)
>> Actually, I was wondering... can you use rsync to synchronise, say, the
>> files on an external storage device? Or does it only work if the other
>> endpoint is a *computer*?
>
> Try http://en.wikipedia.org/wiki/Rsync
Hmm, interesting. It looks like this might be a convenient way to update
my MP3 player...
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 09/13/2011 11:06 AM, Warp wrote:
> Invisible<voi### [at] devnull> wrote:
>> On 13/09/2011 11:25 AM, Warp wrote:
>>> Invisible<voi### [at] devnull> wrote:
>>>> Now I haven't tried it, but I'm told is approximately /impossible/ to
>>>> actually configure X so that you can access it remotely. Even though
>>>> that's its entire design goal.
>>>
>>> I don't know what you mean.
>>>
>>> For the sake of it, I just now tried to do a "ssh -X" to a friend's computer
>>> (who is also running linux) and ran xclock. It opened nicely on my screen,
>>> even though the program itself is running on my friend's computer (which is
>>> physically located something like 200 km from here).
>
>> Like I said, I haven't personally tried to run X remotely. (I wouldn't
>> know how.) I'm told it requires spending hours editing the X
>> configuration files to set up authentication and so forth, and then to
>> make sure the server is started, and then to tell the application you
>> want to run to open on the remote machine rather than the local one (by
>> using CLI options that vary for every individual program so you have to
>> look them up), and then...
>
>> And that's without encryption. If you want encryption, now you have to
>> also install and configure an ssh server and client, set up
>> authentication and encryption keys and god-knows what else.
>
> Didn't you read what I wrote above?
>
> Short answer: No, you don't. (I didn't have to do any configuration to get
> that test working. I just did it, and it worked. The only thing I had to
> know was that you have to give ssh the parameter -X to enable X forwarding,
> which is disabled by default for safety reasons. And the connection is,
> obviously fully encrypted because it happens through ssh.)
>
>> So you're seriously telling me that with a default Linux install, not
>> only is an ssh server installed, but it's actually configured to allow
>> incoming connections and service them? And that X will actually work in
>> this configuration?
>
> I don't remember if sshd is enabled by default on OpenSuse, but it's
> as easy to enable as doing a couple of mouse clicks (and typing the root
> password, so that yast can perform the system modifications). IIRC it even
> offers you to automatically open the ssh port on the firewall.
>
confirm this last part as I'm on OpenSuse as well ... t'was a piece of
cake from Yast, but if you know the process the command-line method is
not /that/ cumbersome either
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Invisible <voi### [at] devnull> wrote:
> Damn. Setting up SSH has got a whole lot easier than when I tried to do
> it with Debian a few years ago.
> I'm presuming it defaults to password authentication though? As I
> recall, half the trouble was figuring out how to permanently and
> irrevocably disable password authentication and *only* allow public key
> authentication. (For one thing, you have to work out how to create a
> keypair...)
Hmm, for some reason the sshd configuration module of yast is not
installed by default nowadays (it used to be with older versions of
opensuse). Well, it can be installed easily enough, though. (Although,
admittedly, you have to first figure out that you have to do this. I don't
understand why it isn't installed by default.)
But yes, you can select RSA or public key authentication there.
http://doc.opensuse.org/products/opensuse/openSUSE/opensuse-security/cha.ssh.html#sec.ssh.yast
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Tue, 13 Sep 2011 03:57:59 -0300, Jim Holsenback wrote:
> On 09/12/2011 06:20 PM, Jim Henderson wrote:
>> On Mon, 12 Sep 2011 21:17:02 +0100, Orchid XP v8 wrote:
>>
>>> I'm not aware of any Unix system which *defaults* to letting remote
>>> users access the entire filesystem if they know the root password.
>>> Probably because it's a stunningly bad idea, unless the local network
>>> is trusted. But anyway...
>>
>> Every unix system can do this with something like sshfs installed - on
>> the client side only - and sshd running on the server.
>>
>> Jim
> yep .. that's what I use to get/put files between my system and the pov
> server ... both are "nix" machines. The ssh is just used to establish a
> secure connection, but the underlaying protocol is ftp to transfer
> files. BTW: there are windows versions of the the same tool set ...
> stelnet, sftp (etc) that I used when I was exclusive on a doze box
No, sshfs is different than sftp - sshfs actually uses fuse to allow you
to mount the remote filesystem locally using just the sshd daemon.
Quite handy if you don't want to have an ftp daemon running.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Tue, 13 Sep 2011 03:24:25 -0400, Warp wrote:
> Jim Henderson <nos### [at] nospamcom> wrote:
>> On Mon, 12 Sep 2011 21:17:02 +0100, Orchid XP v8 wrote:
>
>> > I'm not aware of any Unix system which *defaults* to letting remote
>> > users access the entire filesystem if they know the root password.
>> > Probably because it's a stunningly bad idea, unless the local network
>> > is trusted. But anyway...
>
>> Every unix system can do this with something like sshfs installed - on
>> the client side only - and sshd running on the server.
>
> Anyways, sharing an entire file system is often overkill, if your goal
> is to simply transfer one file to another person.
Sure, that's what scp is for.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|
