On 2010 Jan 25, at 18:23, Vailton Renato wrote: > Hi Viktor! > > I think the main gain is the ease of maintenance we perform on remote > servers. This certainly will make a big difference, because even with
No doubt, it's useful, but it has implications. > the use of passwords our server is already somewhat protected from > access of others. I'm not sure I understand; if the server is password protected but you can get a remote console to it from any client machine with equal rights as if you were standing in front of the server machine, what gives the protection? One other way to add protection is to offer admin remote access on a different port, and this port can have limited access from certain IPs, etc. This way you can SSH into a server console and control the server process via commands or a console tool. Well, instead of limited access 2nd port, even the security levels could be determined based on what IP connected to it, but that seems less flexible and more exploitable. I can think of an analogy with f.e. a Cisco IOS/PIX router, where the whole box is just running, serving connections, and you can connect to a separate port as admin, authenticate with your admin pw, change security level (like "sudo") with additional pw, and run commands which control and query the whole box's operation. Brgds, Viktor _______________________________________________ Harbour mailing list (attachment size limit: 40KB) Harbour@harbour-project.org http://lists.harbour-project.org/mailman/listinfo/harbour
