|
Grex > Helpers > #122: Grex System Announcements - Fall 2003 |  |
|
| Author |
Message |
i
|
|
Grex System Announcements - Fall 2003
| 
Sep 24 10:51 UTC 2003 |
This item is for system announcements (new computer equipment on Grex,
system upgrades, Grex meetings, etc.). Personal announcements should go
back in item 2; Grex system *problems* belong in the next item (#4).
|
| 68 responses total. |
dah
|
|
response 1 of 68:
|
Sep 24 11:22 UTC 2003 |
Right.
|
davel
|
|
response 2 of 68:
|
Sep 25 12:49 UTC 2003 |
Didn't it say you belonged in the *next* item?
|
asddsa
|
|
response 3 of 68:
|
Sep 25 19:43 UTC 2003 |
Your mom belongs in the next compartment.
|
remmers
|
|
response 4 of 68:
|
Oct 13 20:12 UTC 2003 |
Nominations are now open for December's Grex Board of Directors
election. See Item 25 in the Coop conference (item:coop,25) for
details and to make nominations.
|
asddsa
|
|
response 5 of 68:
|
Oct 16 22:36 UTC 2003 |
Thanks remmers.
|
cmcgee
|
|
response 6 of 68:
|
Oct 22 12:50 UTC 2003 |
When I use PuTTY to ssh to Grex, I do not see the "last login/failed
attempts", the "password will expire in X days" or the "you have new/unread/no
mail" announcements.
Why don't those announcements show up? Can I make ssh show them to me?
|
goose
|
|
response 7 of 68:
|
Oct 22 13:26 UTC 2003 |
ditto
|
aruba
|
|
response 8 of 68:
|
Oct 22 13:55 UTC 2003 |
Me too. I assumed this was a difference between how ssh and telnet requests
get handled by Grex. I too would like to know how to get those messages via
ssh.
|
remmers
|
|
response 9 of 68:
|
Oct 22 14:50 UTC 2003 |
It's a long-standing problem with ssh. There are two possible fixes
that I can think of: (1) modify the ssh source code (not a pretty
prospect), or (2) a workaround: Somebody writes a program to display the
missing information, and ssh users invoke that program from their .login
or .profile files.
|
other
|
|
response 10 of 68:
|
Oct 22 14:58 UTC 2003 |
Can the default .login and .profile be modified to include something
along the lines of:
if ssh then echo messages
|
remmers
|
|
response 11 of 68:
|
Oct 22 15:26 UTC 2003 |
Possibly. I imagine that the user's connection method is known to
the system by the time the user's startup files are processed.
|
cross
|
|
response 12 of 68:
|
Oct 22 16:13 UTC 2003 |
This response has been erased.
|
aruba
|
|
response 13 of 68:
|
Oct 22 16:54 UTC 2003 |
And what are those environment variables?
|
cross
|
|
response 14 of 68:
|
Oct 22 17:24 UTC 2003 |
This response has been erased.
|
gull
|
|
response 15 of 68:
|
Oct 22 17:40 UTC 2003 |
A bigger problem is that if your password expires, ssh will not let you
in. You have to telnet in to set the password, which means the new
password gets sent in cleartext across the network.
|
tod
|
|
response 16 of 68:
|
Oct 22 17:52 UTC 2003 |
This response has been erased.
|
cross
|
|
response 17 of 68:
|
Oct 22 17:53 UTC 2003 |
This response has been erased.
|
tod
|
|
response 18 of 68:
|
Oct 22 18:03 UTC 2003 |
This response has been erased.
|
cross
|
|
response 19 of 68:
|
Oct 22 20:46 UTC 2003 |
This response has been erased.
|
jhudson
|
|
response 20 of 68:
|
Oct 22 21:15 UTC 2003 |
After we get to the openBSD machine, why don't we scrap the
password expiration system altogether?
|
remmers
|
|
response 21 of 68:
|
Oct 22 22:14 UTC 2003 |
Here on Grex, when connected via ssh, I have SSH_CLIENT and SSH_TTY
environment variables set.
|
cross
|
|
response 22 of 68:
|
Oct 22 22:49 UTC 2003 |
This response has been erased.
|
malymi
|
|
response 23 of 68:
|
Oct 23 08:28 UTC 2003 |
the problem with sshd is that it believes it knows how to process a
login. the authors found that not all systems would even allow sshd to
do what it tries to do, so the arrogant fools were forced into providing
a method whereby the system login program can be invoked -- this via
`uselogin yes'.
|
gull
|
|
response 24 of 68:
|
Oct 23 13:30 UTC 2003 |
Though you have to be careful. A fair fraction of the security holes in
ssh were related to the use of "uselogin yes".
|