Results 1 to 10 of 10

Thread: Broken Security and Admin Scripts

  1. #1
    Join Date
    Jan 2008
    Beans
    122

    Broken Security and Admin Scripts

    Hi everyone,

    I babysit (administrate) a bunch of Linux computers locally, but now I'm moving away, so rather than leave everyone stranded, I'd like to instead get everyone set up for remote administration, so I can still fix things for them after I move. I've copied/built some scripts to help set this up, but so far, it isn't working, and my scripting skills, like my admin skills, are still minimal, and I can't figure it out. Everything seems to be working except the part that emails their info to me (current ip, security logs). Could someone with some more skill that I have take a look, and see if they can figure it out. There is more info about the scripts in the README.

    http://ubuntuone.com/p/Cxd/ <-- Broken Security and Admin Scripts.

    I'll be publishing the working script too.. so everyone that needs/wants to can use it.

    Thanks

    Tony.

    Afterthought: Might it be easier to use Ubuntu One rather than email.. ? Can a script be used to setup Ubuntu One for this.. assuming it isn't already set up.. ? Just me thinking out loud.

  2. #2
    Join Date
    Oct 2005
    Location
    Lab, Slovakia
    Beans
    10,783

    Re: Broken Security and Admin Scripts

    Hmm, set up sshd on each machine on a non-standard port, e.g. 2222 (to defeat script kiddies) and forward port 2222/TCP to the machine in the internet router. Test ssh access properly.

    When someone needs support, ask them to run Firefox and go to http://whatismyip.com and read it to you.

  3. #3
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 22.04 Jammy Jellyfish

    Re: Broken Security and Admin Scripts

    The one thing that stands out is that you included ssh_config not sshd_config.

    I'll take a look at the other scripts and let you know.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #4
    Join Date
    Oct 2006
    Beans
    4,628
    Distro
    Kubuntu 18.10 Cosmic Cuttlefish

    Re: Broken Security and Admin Scripts

    One thing that stands out is that in remote_admin_setup.sh you're modifying ssh_config when you want to be modifying sshd_config.
    Blog | Ubuntu User #15350 | Zsh FTW | Ubuntu Security | Nothing to hide?
    AMD Phenom II X6 1075T @ 3GHz, Nvidia GTX 650, 8GB DDR3 RAM, 1 X 1TB, 2 X 3TB HDD
    Please don't request support via PM


  5. #5
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,025
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Broken Security and Admin Scripts

    the errors indicate you specified a file named "--"", which doesn't exist.
    i guess this comes from your 'email' command
    Code:
    mutt -s "$subject" -a $attach -- $to < /dev/null
    you may want to check man mutt for correct syntax

    also, have you checked that the substitution
    Code:
    sed 's/your@email.addr/$1/g'
    actually works ? AFAIK, single quotes make literal strings, so you might not get the value of $1; possibly this results in an incorrect command line for mutt later on when you try to give it its to-address.

  6. #6
    Join Date
    Jan 2008
    Beans
    122

    Re: Broken Security and Admin Scripts

    Quote Originally Posted by CharlesA View Post
    The one thing that stands out is that you included ssh_config not sshd_config.

    I'll take a look at the other scripts and let you know.
    Oops.. that would be a problem. Thanks for pointing it out.

  7. #7
    Join Date
    Jan 2008
    Beans
    122

    Re: Broken Security and Admin Scripts

    Quote Originally Posted by CharlesA View Post
    The one thing that stands out is that you included ssh_config not sshd_config.

    I'll take a look at the other scripts and let you know.
    Much appreciated.. Thanks.

  8. #8
    Join Date
    Jan 2008
    Beans
    122

    Re: Broken Security and Admin Scripts

    Quote Originally Posted by FuturePilot View Post
    One thing that stands out is that in remote_admin_setup.sh you're modifying ssh_config when you want to be modifying sshd_config.
    Thanks for the good eye.. I'll change it right away.

  9. #9
    Join Date
    Jan 2008
    Beans
    122

    Re: Broken Security and Admin Scripts

    Quote Originally Posted by koenn View Post
    the errors indicate you specified a file named "--"", which doesn't exist.
    i guess this comes from your 'email' command
    Code:
    mutt -s "$subject" -a $attach -- $to < /dev/null
    you may want to check man mutt for correct syntax

    also, have you checked that the substitution
    Code:
    sed 's/your@email.addr/$1/g'
    actually works ? AFAIK, single quotes make literal strings, so you might not get the value of $1; possibly this results in an incorrect command line for mutt later on when you try to give it its to-address.
    Thanks.. I think you may have found the cause of the major error. If the email address is wrong, the mutt command wouldn't work. Looks like I have some editing/testing to do.

  10. #10
    Join Date
    Jan 2008
    Beans
    122

    Re: Broken Security and Admin Scripts

    Yes.. you were right.. my sed command is creating email=$1.. Thanks again.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •