On Wed, 2004-05-19 at 00:59, Edward wrote: > I have several servers installed at customer's premises. I used to > simply run out there to fix any slight problems or update mail white > lists etc. > > However, with a few customers more than 1.5 hours drive away, I need to > look at remote administration. Especially for simply adding few users to > a spamassassin white list or the like, which really only are 10 minute jobs. > > So, I was thinking about setting up dyndns or no-ip addresses for these > servers, then opening up the firewall for either ssh or VPN. None of my > customers have a static internet address. In your place I would setup ssh. The thing you need to make sure of is if you are using password authentication that all your passwords are good ones. I believe you may want to lock down ssh to specific known hosts and keys. Even if you need to administer multiple systems remotely use one to ssh to and then ssh from that one to the others. Also disable roots use of ssh so no one can go straight in as root. Means you will login as a normal user then su to root as needed. Over those dialup lines you are not going to be doing any X-windows forwarding or other GUI tricks, but command line should be fine. -- Scot L. Harris <webid@xxxxxxxxxx>