= Open SSH Backdoor = The opensshbackdoor program makes remote maintenance over ssh possible. == SSH == SSH is an ancronyn for Secure Shell. It makes encrypted network possible. Details are at [[http://www.openssh.org|SSH Homepage]]. == Backdoor == The backdoor script on `tjener` makes it possible to open a connection for remote help. == Definitions == school:: place where the DebianEdu server is contractor:: people who do maintaince on the servers tunnel:: passage way between two points == Preparation == This the important part of the Openssh backdoor. Both ''school'' and ''contractor'' agree on which server, which port and which account to use. Say the server is `gate.contractor.edu`, the port number is `2309` and the account `worm`. === Contractor Preparation === Work in progress / FIXME === School preparation === Fill in the values for `server`, `port` and `account` Example given, when school people type `cat /etc/default/backdoor` they see {{{ RHOST=gate.contractor.org RPORT=2309 RUSER=worm }}} == Usage == === school === When the `school` decides they need `contractor`, they open the backdoor by {{{ /etc/init.d/openbackdoor start }}} and give a telephone call to `contractor` and announce that they have opened the `tunnel`. === contractor === They pick the tunnel by {{{ ssh -p 2309 user-on-school-server@gate.contractor.org }}} and they do their maintiance job. == Closing the backdoor == The school does {{{ /etc/init.d/openbackdoor stop }}} === The script === [[DebianEdu/FAQ/Maintenance/OpenSSHBackDoor/script| Here]] is the script. Copied from debian-edu-config/debian/debian-edu-config.open-backdoor in our svn repository, at revision 7223. The debian/changelog of debian-edu-config has this entry {{{ * Remove our backdoor (which was poorly implemented and misnamed feature, see the buglog for details). (Closes: #629040) }}} from 2012. #629040 https://bugs.debian.org/629040 ---- * It might be relevant to use autossh (which I believe was added to Debian after the backdoor script was invented for Debian EDU) . -- JonasSmedegaard <>