I am setting up this server that I will run from a co-locate facility. I want to run my scenerio by you folks to see if I have my thinking messed up.

I have to do my daily work on a Windows machine because I use Pagemaker / CorelDraw / Premier to do alot of my work (Plus my capture card needs Win98).

I want to be able to do admin on the remote machine from my Widows machine, so I need to get a program like SecureCRT to SSH to the Linux box.

Once logged in via SSH I can turn on Webmin, do anything I need done that way and shut Webmin down again. Obviously, as I learn Linux, I'll be able to make changes to the system with Webmin if it is faster. I am still trying to get my brain back into command line thinking, windows can tend to make one lazier.

This machine is Dual processor, I am running it SMP. What is UP? I could not find that in my searching around. I reconfigured LILO to boot as SMP.

UP means "Uni-processor": one CPU as opposed to SMP, which means more than one.

As to the rest of your setup, that'll work fine except that Webmin is for sissies. But why leave Webmin running only at certain times? If it's just to save RAM, that's fine, but if you're concerned that Webmin might be vulnerable to security attacks, it'll still be vulnerable to security attacks when you have it up, even if you leave it down most of the time. Security through obscurity is no security. If you feel Webmin is insecure, either don't use it at all, or configure its access control or the box's firewall to only let your system connect to the Webmin port.

SecureCRT costs money, doesn't it? If you want to save, you can use PuTTY instead, it's free.

"Webmin is for sissies." Well, I am feeling like one as I approach this task. I knew I had a steep learning curve ahead, but as I read the Linux Aministrators Guide and Redhat unleashed I saw that I would need help. I discovered Webmin and thought that it might make things easier, but as I went through it's pages I found that it is "maybe" more cryptic than I want.

So, I am getting from you that I can set everything up (new virtual servers, etc.) through SSH and do the admin stuff that way also?

Well, two things here: One, I heartily second the use of PuTTY. I haven't tried SecureCRT, but all the functionality _I_ need I can get from PuTTY, for free. TeraTermPro works pretty nice, but the ssh ability is a hack/add-on, and IIRC, only supports ssh1.

Two, I think you might be a wee bit confused here. You need SSL to access webmin securely, not SSH. Having ssh access as well is great, but AFAIK, it would (in this case) be mainly used for command-line stuff (interactive login, sftp/scp, etc.) SSL is what you need to connect your browser on your Windows box to the webmin server on your Linux machine securely. A lot of times I end up putting both in at the same time, as I haven't gotten WebMin to work w/ openssl rpms, only the locally compiled versions, which reqire some of the openssh libs installed.

Hope I didn't confuse more than I helped.

Monte

I'm ribbing you about Webmin. If that's what you like, use it. But it doesn't let you do anything that you couldn't do at the console.

With SSH, it's just as if you were physically sitting down at the machine (well, with some exceptions, like X) Anything you can do sitting down at the console, you can do over an SSH session.

Nope, you did not confuse it more. I was talking about logging in via a secure shell session and then starting webmin. I then would have used Webmin via SSL after I move the cert over from the other server.

I may drop the webmin idea if I can get a mental foot hold of the Linux way of thinking. I have looked into it for a couple of years and coveted the opportunity to really use a Linux machine, but have not till now really had the ability to get really hands on. I still have a million questions, but I am trying to be responsible with everybody's time - so I look into the docs - search apache's site, etc, etc.

I have read a lot but still don't have a grasp of why things gon into certain directories (I understand /home, but var etc??)

Anyway, I want to thank you all for the help so far. I am glad that I have not encountered here what I have in the past at other sites, snobbery, flames etc. I appreciate that you all allow us newbies to be newbies (or so it appears). THANX!!

ok everyone i find this to be an interesting topic. Say i've got two machines, 1 being an linux redhat box and the other being an win2k machine. Both machines are networked. How can i logon to the linux box just as if i'm at the actual terminal? How do I make the connection secure?

Originally posted by neotrace0:
<STRONG>How can i logon to the linux box just as if i'm at the actual terminal?</STRONG>

Telnet and SSH.

How do I make the connection secure?

It's one of the two I listed above, and I'll give you a hint: it's not telnet.

If you want real security you need to use SSH with RSA (or DSA, I guess -- don't know much about DSA) authentication, and with password authenication disabled. SSH with passwords enabled is as bad as telnet in some regards, but much safer than telnet in others.

sounds good but RSA most likly will cost me a pretty penny.

Originally posted by neotrace0:
<STRONG>sounds good but RSA most likly will cost me a pretty penny.</STRONG>

RSA is a method of authentication. It's something that's implemented into a program, like a protocol, rather than a program itself. I believe Putty supports RSA.

The patents on RSA expired last year, so everybody can use it for free now. Even before the patents expired, everybody outside the United States was using it, because the United States is about the only country that recognizes software patents, and everyone inside the Unites States was either using it "illegally" or using RSAREF, which was an RSA-compatible cipher that was free to use for noncomercial purposes by somewhat slower.

OpenSSH uses RSA (I assume it uses the full RSA rather than RSAREF), every SSH client uses RSA, PGP uses RSA (I assume all versions have switched over to full RSA rather than RSAREF now -- no more US and Non-US versions?)... EVERYTHING uses RSA. It won't cost you anything.

Openssh sounds promising, i've just got to find a server distribution. Though i'm first workin on getting my regular telnet to work.

oh ya thankx for the help everyone!