Re: Idea: "SSH Meeting"

On Mon, 13 Feb 2006 14:23:55 -0500, Jan Panteltje <pNaonStpealmtje@xxxxxxxxx> wrote:

On a sunny day (13 Feb 2006 09:04:30 -0800) it happened "Alfred"
<99m@xxxxxxxxx> wrote in
<1139850270.256755.97020@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>:

Jan Panteltje wrote:
I do this with telnet, but that is not port 80.
You just telnet to the other IP, login as root..
Some telnet allow no root login, maybe you can su - root. after login.
Works here.
You can also specify a port in telnet.
If you start telnetd (the deamon) in debug mode, a different port can be specified.

You can't do this when both the technician and the customer are behind
firewalls and NAT routing. In my office, I have to fill out paperwork
and wait like 2 weeks to get a firewall change request in, unless it's
an emergency.

The way to pull it off, like I said, is with a central proxy on the
Internet that both tie into, and then both exchange keystrokes and
shell activity back in a kind of pseudo-shell session.

This I would understand if the customer and the technician had
both different ports available (not each the same) via the firewall.

I do not get it, if both have for example port 80 (web access),
then that port could be used?

Set up telnet via port 80?
here test, (I have port 80 in use for webserver):
customer:
grml: ~ # in.telnetd -debug 81
doit - ALIVE


technician:
grml: ~ # telnet localhost 81
Trying 127.0.0.1...
Connected to grml.
Escape character is '^]'.
Panteltje 5

grml login: root
Password:
Last login: Mon Feb 13 20:12:56 2006 from grml on pts/8
grml - Linux for geeks

No mail.
grml: ~ #

What is the problem, you can use any port?
Or is the problem the 'other' port (48952 on this case)?

grml: ~ # netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 grml:48952 grml:81 ESTABLISHED
tcp6 0 0 grml:81 grml:48952 ESTABLISHED

Maybe I misunderstand the problem?

I think you're assuming some level of control over the situation.
Imagine where everything for both people is blocked except for outbound
port 80. (firewalled and no root access)

.

Relevant Pages

  • Re: Idea: "SSH Meeting"
    ... I'm able to let a tech take over my PC in my server ... Can work over ordinary port 80 from both sides. ... You just telnet to the other IP, login as root.. ...
    (comp.os.linux.development.apps)
  • Re: Telnet root login
    ... Subject: Telnet root login ... What tty does it say you are on? ...
    (freebsd-current)
  • Re: telnet as root question
    ... >> make securetty tell telnet and SSH apart? ... >login program after opening the pts. ... >check securetty to know if root login is allowed. ...
    (comp.os.linux.security)
  • Re: SSH pubkey or password based on user group
    ... What I was trying to do is not to allow users that are in root group to ... every other user can choose whether they will login using their password ... only on another port, with your sshd set something like this: ... Manipulating a single SSH daemon to do what you ...
    (comp.security.ssh)
  • Re: Idea: "SSH Meeting"
    ... Some telnet allow no root login, maybe you can su - root. ... If you start telnetd in debug mode, a different port can be specified. ...
    (comp.os.linux.development.apps)