From owner-freebsd-stable  Tue May 15  3:42:39 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from picard.skynet.be (picard.skynet.be [195.238.3.131])
	by hub.freebsd.org (Postfix) with ESMTP id 6BA8C37B422
	for <stable@FreeBSD.ORG>; Tue, 15 May 2001 03:42:34 -0700 (PDT)
	(envelope-from sven.huster@mailsurf.com)
Received: from hodge.skynet.be (hodge.skynet.be [195.238.2.35])
	by picard.skynet.be (8.11.2/8.11.2/Skynet-OUT-2.11) with ESMTP id f4FAgOO20014;
	Tue, 15 May 2001 12:42:24 +0200 (MET DST)
	(envelope-from <sven.huster@mailsurf.com>)
Received: from 07.mailsurf.com (194-78-218-7.pro.turboline.skynet.be [194.78.218.7])
	by hodge.skynet.be (8.11.2/8.11.2/Skynet-SMARTRELAY-2.11) with ESMTP id f4FAgFl16831;
	Tue, 15 May 2001 12:42:19 +0200 (MET DST)
	(envelope-from <sven.huster@mailsurf.com>)
Message-Id: <5.1.0.14.0.20010515124103.0264e080@mx01.mailsurf.com>
X-Sender: shu@mx01.mailsurf.com
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Tue, 15 May 2001 12:42:36 +0200
To: Tom <tom@uniserve.com>, Alfred Perlstein <bright@wintelcom.net>
From: Sven Huster <sven.huster@mailsurf.com>
Subject: Re: serial console
Cc: Doug Hardie <bc979@lafn.org>,
	Jason DiCioccio <geniusj@bluenugget.net>,
	Nick Barnes <Nick.Barnes@pobox.com>, stable@FreeBSD.ORG
In-Reply-To: <Pine.BSF.4.10.10105142311140.79606-100000@athena.uniserve.
 ca>
References: <20010514230628.N2009@fw.wintelcom.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 08:14 AM 5/15/01, Tom wrote:
>*This message was transferred with a trial version of CommuniGate(tm) Pro*
>
>On Mon, 14 May 2001, Alfred Perlstein wrote:
>
> > * Tom <tom@uniserve.com> [010514 23:02] wrote:
> > >
> > > On Mon, 14 May 2001, Doug Hardie wrote:
> > >
> > > > How are you preventing unauthorized access via the PM2?  I haven't
> > > > found any way to prevent it.
> > >
> > >   What do you mean?  First of all, you assign a password to the account
> > > used for serial port access.  Then you assign filters on the ethernet
> > > interface to prevent telnet access from anything but known hosts.  Then
> > > you do the same thing on your gateway router.
> >
> > Uh..
> >
> > Still using telnet over the wild world of the net?
> >
> > Here's what I do, i use a crossover to a stable barely used machine
> > and a serial connection as a backup from another machine.  Another
> > option is using a modem to dial in directly into the thing.
>
>   It is all the PM2e supports.  So if that is what you are using, you need
>to use telnet.
>
>   Besides a console server should never really be on the Internet anyway.
>In fact, using dial-up access only (PM2e supports dial-back for excellent
>dial security) is probably the way to go.

i use a cyclades PR3000TS for that.
supports ssh and up to 64 ports. starts with 16.


regards
Sven


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message