[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] m0n0wall-failover
 Date:  Thu, 23 Dec 2004 21:25:56 -0500
On Fri, 24 Dec 2004 00:24:15 +0100, Daniele Guazzoni
<daniele dot guazzoni at gcomm dot ch> wrote:
> 
> I'm rather for the SSH/SCP for security reasons and also practicity.
> Not only we would be able to copy/move config and other files from a
> m0n0wall to the other but also shell commands could be remotely executed.
> I'm thinking about reboot, priority-change in VRRP, ...
> 

Not a good solution amongst any of that it seems...  Adding OpenSSH
would increase the image size dramatically.  Even a small ssh server
like dropbear adds around a couple meg.

/usr/ports/security/dropbear might be helpful.  From pkg-descr:
-----
Dropbear is an SSH 2 server, designed to be usable in small memory environments.
It supports:

        * Main features of SSH 2 protocol
        * Implements X11 forwarding, and authentication-agent forwarding
        for OpenSSH clients
        * Compatible with OpenSSH ~/.ssh/authorized_keys public key
        authentication

WWW: http://matt.ucc.asn.au/dropbear/dropbear.html
-----

Someone has already integrated this into m0n0wall. 
http://www.xs4all.nl/~fredmol/m0n0/

I'm not a programmer, but hopefully that might help you a little.  

-Chris