Minutes of Ilugc meet 14th DEC 2002 (Sat)
As per the tradition of ilugc the meet started off late at around 3.30 pm.
There were a few people present.
The speaker who agreed to talk on Intrusion Detection (Mr Amresh) was not
there so we were in search of ideas to start the meet and to keep it going .
1) Our LUG coordinator - Mr Bharathi took the stage first and gave us all an
intro about how BangLinux was conducted. The entry to banglinux was 300/-
which included a T-shirt, lunch for 3 days and coffee. He said that there
were people selling linux distros and proggies.
SOmu distributed some T-shirts meanwhile :)
2) Somu came to the dias after this to deliver a talk on SSH, Basic features
of SSH and what ssh can do. The talk started with somu giving us an intro to
Public key, private key, session key , type of encryption used and
pass-phrases (secure way of using ssh).
Then somu proceeded to talk on ssh-agents which are used to automate
processes which are tiring like remembering many pass-phrases. He talked
about how to go about adding public keys of various boxes to the ssh agent
using the ssh - add command.
Then he talked about how to make other services use ssh using port
forwarding. He explained this using a scenario.
Consider two boxes (one local and one remote). The remote
box has an imap server running on it and the local box wants to access the
imap server to read mails using the secuity of SSH. To attain this the ssh
tunnel is exablished between the server and the client and the imap port
number is binded to another free port on which the ssh listens.This is done
using the command
#ssh L:2001:143:R
where L = local, R=remote , 143 = imap port, 2001 = free port
Then there was a part on agent-forwarding. This is turned on using
forwardagent yes.
Then there was again a case in which there are 2 boxes H (home) and W(work).
The box W is protected from the NET by another box B. When someone wants to
login into W, the person has to login through B to get to W. This can be
done by
1. ssh from H to B and
2 ssh from B to W.
But this case is impossible because the box B does not store any keys. So
agent forwarding comes into action. In this all the keys are stored in the
machine H itself.
BOTTOM LINE - The box B acts as a transperant layer between H and W. (there
were some questions from all sides on this one). Somu finished his talk with
this.
At this point the meet got over and veeryone moved out except a few of us
who were chit-chatting.Then the group of me,Suresh,Bharathi,somu went to
have some coffee in Nandhinee's where we met prabhu with a few of his
friends. There was a little conversation on flamewars there. With this the
meet ended.
Any corrections/ comments welcome :)
Regards
Dosai
0o0o0o0
|| o o ||
|| ! ||
\\ --- //
#####
!@#$%^%$#@!^&*()(*&&^%%
~~~~ Dosai ~~~~
n3nn4pu th44n p0ll4p4 k3dukum
From Ravi Rao <mail@xxxxxxxxxxx> Sun Dec 15 07:26:20 2002
From: Ravi Rao <mail@xxxxxxxxxxx> (Ravi Rao)
Date: Sun, 15 Dec 2002 02:26:20 -0500
Subject: Minutes of Sat Dec 14, 2002 [was] Re: [Ilugc] (no subject)
In-Reply-To: <000701c2a406$8ffa4da0$9480d6d2@inferno>
References: <000701c2a406$8ffa4da0$9480d6d2@inferno>
Message-ID: <20021215072620.GB21531@xxxxxxxxxxx>
Heylo,
* Dosai <manoaj@xxxxxxxxx> [Sun, Dec 15, 2002 at 12:22:37PM +0530]:
Dosai> Minutes of Ilugc meet 14th DEC 2002 (Sat)
Thanks!
Dosai> There were a few people present.
Next time, an approx head count, if you can manage it, would be
appreciated.
Dosai> Then he talked about how to make other services use ssh using port
Dosai> forwarding. He explained this using a scenario.
You *do* know that software for such stuff exists, like stunnel,
right? Its _exactly_ for such reasons that stunnel et al were written.
Dosai> #ssh L:2001:143:R
Dosai> where L = local, R=remote , 143 = imap port, 2001 = free port
There's also imaps ...
==> /etc/services <==
imaps 993/tcp # IMAP over SSL
imaps 993/udp # IMAP over SSL
<==
Dosai> 1. ssh from H to B and
Dosai> 2 ssh from B to W.
Dosai> this case is impossible because the box B does not store any keys. So
Dosai> agent forwarding comes into action. In this all the keys are stored in
Dosai> machine H itself.
And "B" needs no special configuration ... ?!
Dosai> who were chit-chatting.Then the group of me,Suresh,Bharathi,somu went to
Dosai> have some coffee in Nandhinee's where we met prabhu with a few of his
Nandhinees! :)
Dosai> friends. There was a little conversation on flamewars there. With this
*perk*
Dosai> Dosai
best,
--ravi "recently ate your bro (masala dosai)" rao.
Dosai> ~~~~ Dosai ~~~~
Dosai> n3nn4pu th44n p0ll4p4 k3dukum
#%*& ravi &*%#
P5: P15 d0n7 h4x0r m3
