Open SSH Backdoor

The opensshbackdoor program makes remote maintenance over ssh possible.

SSH

SSH is an ancronyn for Secure Shell. It makes encrypted network possible. Details are at SSH Homepage.

Backdoor

The backdoor script on tjener makes it possible to open a connection for remote help.

Definitions

school

place where the DebianEdu server is

contractor
people who do maintaince on the servers
tunnel
passage way between two points

Preparation

This the important part of the Openssh backdoor. Both school and contractor agree on which server, which port and which account to use. Say the server is gate.contractor.edu, the port number is 2309 and the account worm.

Contractor Preparation

Work in progress / FIXME

School preparation

Fill in the values for server, port and account Example given, when school people type cat /etc/default/backdoor they see

RHOST=gate.contractor.org
RPORT=2309
RUSER=worm

Usage

school

When the school decides they need contractor, they open the backdoor by

/etc/init.d/openbackdoor start

and give a telephone call to contractor and announce that they have opened the tunnel.

contractor

They pick the tunnel by

ssh -p 2309 user-on-school-server@gate.contractor.org

and they do their maintiance job.

Closing the backdoor

The school does

/etc/init.d/openbackdoor stop

The script

Here is the script. Copied from debian-edu-config/debian/debian-edu-config.open-backdoor in our svn repository, at revision 7223.