1965
Comment: converted to 1.6 markup
|
2172
openbackdoor seems to have fallen in disgrace
|
Deletions are marked like this. | Additions are marked like this. |
Line 67: | Line 67: |
The debian/changelog of debian-edu-config has this entry {{{ * Remove our backdoor (which was poorly implemented and misnamed feature, see the buglog for details). (Closes: #629040) }}} from 2012. |
Open SSH Backdoor
The opensshbackdoor program makes remote maintenance over ssh possible.
SSH
SSH is an ancronyn for Secure Shell. It makes encrypted network possible. Details are at SSH Homepage.
Backdoor
The backdoor script on tjener makes it possible to open a connection for remote help.
Definitions
- school
place where the DebianEdu server is
- contractor
- people who do maintaince on the servers
- tunnel
- passage way between two points
Preparation
This the important part of the Openssh backdoor. Both school and contractor agree on which server, which port and which account to use. Say the server is gate.contractor.edu, the port number is 2309 and the account worm.
Contractor Preparation
Work in progress / FIXME
School preparation
Fill in the values for server, port and account Example given, when school people type cat /etc/default/backdoor they see
RHOST=gate.contractor.org RPORT=2309 RUSER=worm
Usage
school
When the school decides they need contractor, they open the backdoor by
/etc/init.d/openbackdoor start
and give a telephone call to contractor and announce that they have opened the tunnel.
contractor
They pick the tunnel by
ssh -p 2309 user-on-school-server@gate.contractor.org
and they do their maintiance job.
Closing the backdoor
The school does
/etc/init.d/openbackdoor stop
The script
Here is the script. Copied from debian-edu-config/debian/debian-edu-config.open-backdoor in our svn repository, at revision 7223. The debian/changelog of debian-edu-config has this entry
* Remove our backdoor (which was poorly implemented and misnamed feature, see the buglog for details). (Closes: #629040)
from 2012.
- It might be relevant to use autossh (which I believe was added to Debian after the backdoor script was invented for Debian EDU)
-- JonasSmedegaard 2006-07-13 14:38:26