POV-Ray : Newsgroups : povray.off-topic : Data transfer Server Time
30 Jul 2024 04:23:09 EDT (-0400)
  Data transfer (Message 61 to 70 of 195)  
<<< Previous 10 Messages Goto Latest 10 Messages Next 10 Messages >>>
From: Darren New
Subject: Re: Data transfer
Date: 13 Sep 2011 12:51:00
Message: <4e6f89f4$1@news.povray.org>
On 9/13/2011 3:42, Invisible wrote:
>  I'm told it requires spending hours editing the X configuration files
> to set up authentication and so forth, and then to make sure the server is
> started, and then to tell the application you want to run to open on the
> remote machine rather than the local one (by using CLI options that vary for
> every individual program so you have to look them up), and then...

You're about 10 to 15 years out of date.

Back when 256 colors was a high-end graphics card, this is how it worked.

-- 
Darren New, San Diego CA, USA (PST)
   How come I never get only one kudo?


Post a reply to this message

From: Darren New
Subject: Re: Data transfer
Date: 13 Sep 2011 12:56:19
Message: <4e6f8b33@news.povray.org>
On 9/13/2011 0:30, Warp wrote:
>    (If this so "trivial", why haven't I ever heard of this "RDP"? Yes, this
> is the first time in my life I hear of it.

RDP is the Remote Desktop Protocol. You probably have it installed on your 
Linux machine under the name "Terminal Services Client."  Try firing that up 
and connecting to sgf.dnsalias.com.  RDP is the new name because TSC was 
originally designed for "X-Terminal" like operations on a headless server, 
while RDP is generalized to connect to anything.

There's also "remote assistance", which uses the same thing except automates 
the security and makes it easier for a naive user to let someone outside 
help them out, allowing management of remote requests?

> And it's not like I haven't been
> using Windows pretty regularly for the past 15 years or so. Contrast me
> knowing about tools like rsync, rcp, scp and wget, which arguably are not
> the most obvious things in unix either. What is the difference?)

I don't know. Do you remote login to Windows machines? It's how one does it, 
just like "ssh" does it for the UNIX world.

-- 
Darren New, San Diego CA, USA (PST)
   How come I never get only one kudo?


Post a reply to this message

From: Darren New
Subject: Re: Data transfer
Date: 13 Sep 2011 13:29:16
Message: <4e6f92ec$1@news.povray.org>
On 9/13/2011 1:21, Invisible wrote:
>  Otherwise all
> this traffic would be unencrypted...)

It's encrypted without the VPN. It just uses DH without a cert, so you don't 
get warnings about MITM.

-- 
Darren New, San Diego CA, USA (PST)
   How come I never get only one kudo?


Post a reply to this message

From: Darren New
Subject: Re: Data transfer
Date: 13 Sep 2011 13:30:58
Message: <4e6f9352$1@news.povray.org>
On 9/13/2011 3:28, Warp wrote:
>    I don't think Windows uses soft links itself either. Soft links are
> supported by NTFS, but I don't think Windows itself uses them for anything.

They've been used for ages by offline storage (i.e., files backed up to tape 
that automatically get restored when you try to open them). They're also 
used from Vista onwards to move your home directory stuff around, since 
there's so many apps that hard-coded "Documents and Settings".

> (After all, Windows has to be able to work if installed on a FAT32 partition
> too.)

Not any more.

-- 
Darren New, San Diego CA, USA (PST)
   How come I never get only one kudo?


Post a reply to this message

From: Darren New
Subject: Re: Data transfer
Date: 13 Sep 2011 13:35:30
Message: <4e6f9462$1@news.povray.org>
On 9/13/2011 1:27, Invisible wrote:
>>> You can thank Windows for this.
>>
>> Nah. You can thank NAT for this.
>
> I think it's more the general problem of Internet security.

No, it's a problem of routing. If you can't address the remote computer, you 
can't give it a file, no matter what protocol you use.

>> Note how all of those require a running server on a public IP address.
>
> Well, yes. To perform a data transfer, you need a way to contact the other end.

That's my point. It's nothing to do with Windows vs Linux. It has to do with 
public vs private IP addresses.

> I'm told there's a system called UPnP or something which is supposed to
> allow you to automatically bypass NAT.

The local machine still needs to run something that uses upnp to poke a hole 
in the firewall.

> It's news to me that you can transfer files with RDP.

Give it a try. Log in remotely, copy a file off your desktop, mouse over the 
remote machine, and pick paste.

Some older versions disallow this. It's kind of touchy, as you have to get 
the same version at both ends, for example.

-- 
Darren New, San Diego CA, USA (PST)
   How come I never get only one kudo?


Post a reply to this message

From: Francois Labreque
Subject: Re: Data transfer
Date: 13 Sep 2011 13:59:55
Message: <4e6f9a1b@news.povray.org>

>>> No, I mean there's a *hardware* firewall in the way. You know, with the
>>> big Cisco sticker on it and the 3-digit price tag? (Although obviously
>>> that's only because I'm at work right now. My house doesn't have one of
>>> those...)
>>

You're off by two orders of magnitude.  Most Cisco firewalls are in teh 
5 digit price tag.

>> And that hardware firewall is completely incapable of forwarding ssh
>> connections? Pretty useless, I'd say.
>
> No, I don't have the password to configure it. (And besides, have *you*
> tried configuring Cisco stuff? It's not exactly intuitive. You probably
> need Certified Engineer status to figure it out.)

You don't need to be a Cisco Certified Internetwork Expert to figure it 
out.  The Cisco manuals are usually pretty easy to follow, and freely 
available on their web site.

And it is actually pretty intuitive...

- Give each interface an ip address.
- Create your NAT tables.
- And off you go.

The only difference between a Cisco firewall and a D-link or NetGear 
home router, besides performance and scalability, is that you can (and 
should!) override the basic "everything outbound is ok, nothing inbound 
can come in" configuration.

Just like you would with any other infrastructure firewall, whether 
hardware (e.g.: Juniper, Netscreen, etc...) or software (e.g.: 
Checkpoint)  (Not talking about the software you run on your PC asking 
you if it's ok for MSPAINT.EXE to run as a service)

-- 
/*Francois Labreque*/#local a=x+y;#local b=x+a;#local c=a+b;#macro P(F//
/*    flabreque    */L)polygon{5,F,F+z,L+z,L,F pigment{rgb 9}}#end union
/*        @        */{P(0,a)P(a,b)P(b,c)P(2*a,2*b)P(2*b,b+c)P(b+c,<2,3>)
/*   gmail.com     */}camera{orthographic location<6,1.25,-6>look_at a }


Post a reply to this message

From: Francois Labreque
Subject: Re: Data transfer
Date: 13 Sep 2011 14:09:36
Message: <4e6f9c60$1@news.povray.org>

> On 13/09/2011 03:21 PM, Invisible wrote:
>>>> Terminal Services is where you have an expensive server-class
>>>> version of
>>>> Windows,
>>>
>>> Nope, that's Citrix (it may have changed names since MS acquired them,
>>> but everyone in the industry still calls it Citrix) and it runs on a
>>> different port than RDP. Terminal Services is the service running on the
>>> remote machine that receives the connection from MSRTC.EXE running on
>>> your computer to allow remote desktop connections.
>>
>> As far as I'm aware, Citrix is a completely different product made by a
>> completely different company. Terminal Services is just another instance
>> of the general RDP protocol.
>
> http://en.wikipedia.org/wiki/Remote_Desktop_Services
>
> Terminal Services most definitely *is* RDP. So is Remote Assistance.
> Exactly as I claimed.

So did I.  the part that you describes as "where you have an expensive 
server-class version of Windows, you install all your complicated 
applications on that, and then end users use their Windows-based desktop 
PC to log into the server and run the applications on that."

Is what I said was not Terminal Services.  It may be technically 
possible to do it via Terminal Services, but most entreprises who will 
require this will use Citrix.

>
> http://en.wikipedia.org/wiki/Citrix
>
> Citrix was not "acquired" by MS at all.
>
> MS got the idea for Terminal Services from Citrix, but the actual wire
> protocol appears to be derived from PictureTel.

Read the sentence just below the one where you pasted this from.  I was 
mistaken in thinking that they had been bought, but they are indeed in 
bed with Microsoft.


-- 
/*Francois Labreque*/#local a=x+y;#local b=x+a;#local c=a+b;#macro P(F//
/*    flabreque    */L)polygon{5,F,F+z,L+z,L,F pigment{rgb 9}}#end union
/*        @        */{P(0,a)P(a,b)P(b,c)P(2*a,2*b)P(2*b,b+c)P(b+c,<2,3>)
/*   gmail.com     */}camera{orthographic location<6,1.25,-6>look_at a }


Post a reply to this message

From: Francois Labreque
Subject: Re: Data transfer
Date: 13 Sep 2011 14:17:36
Message: <4e6f9e40$1@news.povray.org>

> Puzzling thing: There are many, many SSH clients for Windows. There are
> no SSH *servers*. And I have literally no idea why.

Really?

http://www.freesshd.com/?ctt=download

Or maybe, running OpenSSH's sshd under Cygwin?
http://www.petri.co.il/setup-ssh-server-vista.htm

Or buying one of the many commercial versions available?

-- 
/*Francois Labreque*/#local a=x+y;#local b=x+a;#local c=a+b;#macro P(F//
/*    flabreque    */L)polygon{5,F,F+z,L+z,L,F pigment{rgb 9}}#end union
/*        @        */{P(0,a)P(a,b)P(b,c)P(2*a,2*b)P(2*b,b+c)P(b+c,<2,3>)
/*   gmail.com     */}camera{orthographic location<6,1.25,-6>look_at a }


Post a reply to this message

From: Orchid XP v8
Subject: Re: Data transfer
Date: 13 Sep 2011 14:38:18
Message: <4e6fa31a$1@news.povray.org>
On 13/09/2011 07:00 PM, Francois Labreque wrote:

>>>> No, I mean there's a *hardware* firewall in the way. You know, with the
>>>> big Cisco sticker on it and the 3-digit price tag? (Although obviously
>>>> that's only because I'm at work right now. My house doesn't have one of
>>>> those...)
>>>
>
> You're off by two orders of magnitude. Most Cisco firewalls are in teh 5
> digit price tag.

True. But not this particular one.

http://www.ebuyer.com/135532-cisco-asa-5505-firewall-edition-bundle-asa5505-50-bun-k9

(Go on, hack me. You know you want to.)

>>> And that hardware firewall is completely incapable of forwarding ssh
>>> connections? Pretty useless, I'd say.
>>
>> No, I don't have the password to configure it.

Still stands.

>> (And besides, have *you*
>> tried configuring Cisco stuff? It's not exactly intuitive. You probably
>> need Certified Engineer status to figure it out.)
>
> You don't need to be a Cisco Certified Internetwork Expert to figure it
> out. The Cisco manuals are usually pretty easy to follow, and freely
> available on their web site.

Really? That might be worth reading...

> And it is actually pretty intuitive...
>
> - Give each interface an ip address.
> - Create your NAT tables.
> - And off you go.

 From what I've seen, you telnet into the router, enter a password, and 
then enter lines of gibberish such as "enh eth gw all". You would 
*definitely* need a manual to figure out WTH that actually means, or 
what the name of the command you want is.

> The only difference between a Cisco firewall and a D-link or NetGear
> home router, besides performance and scalability, is that you can (and
> should!) override the basic "everything outbound is ok, nothing inbound
> can come in" configuration.

I'm still guessing that, between the configuration for routing to 
multiple LANs, multiple VPN endpoints, and remote access, adding a line 
that forwards SSH to a port on a desktop PC who's IP address is 
configured via DHCP is probably going to take some doing. (!)

And we still have the minor issue that I don't have the password. :-P

Actually, I have a NetGear router in my house. I used it to create a VPN 
between my house and my grandparents' house. It lets you do all sorts of 
port forwarding and stuff. The only trouble is... it's not reliable. 
Like, when certain datagrams pass through it, the firmware crashes, and 
you have to power-cycle it to get the Internet back. Eventually I was 
forced to take it out of the circuit, because it was pissing me off so 
much! (No, there isn't a firmware update available.)

Given the price of the Cisco ASA, I'm almost tempted...

-- 
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*


Post a reply to this message

From: Orchid XP v8
Subject: Re: Data transfer
Date: 13 Sep 2011 14:41:31
Message: <4e6fa3db$1@news.povray.org>
>> Damn. Setting up SSH has got a whole lot easier than when I tried to do
>> it with Debian a few years ago.
>>
>> I'm presuming it defaults to password authentication though? As I
>> recall, half the trouble was figuring out how to permanently and
>> irrevocably disable password authentication and *only* allow public key
>> authentication. (For one thing, you have to work out how to create a
>> keypair...)
>
> Yes, it defaults to password authentication.
>
> To disable password authentication, modify /etc/ssh/sshd_config to
> include:
>
> PasswordAuthentication no
>
> Done.

The solution may not be complex. Trying to find it in the documentation 
often is.

Now explain how to generate a keypair and put the public half on the 
list of acceptable clients.

-- 
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*


Post a reply to this message

<<< Previous 10 Messages Goto Latest 10 Messages Next 10 Messages >>>

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.