[techtalk] problem with scp

Telsa Gwynne hobbit at aloss.ukuu.org.uk
Tue Nov 28 09:46:34 EST 2000


On Mon, Nov 27, 2000 at 03:52:37PM -0800 or thereabouts, gabrielle wrote:
> I inherited a couple of linux boxes from other people in my group.  Both 
> are running Redhat, but I don't know what versions.  Probably old, as they 
> were built more than a year ago.  Is there a way to find out which version 
> of Redhat?  I only know 'uname', which shows the kernel, right?

As people have said, cat /etc/redhat-release, a one-line file with
the version. 

> linuxbox1:  built by a true wizard who is unfortunately no longer with the 
> company. kernel 2.0.34
> linuxbox2:  built by a very nice guy who doesn't write things down and 
> won't remember what he did 10 minutes after he did it. :) kernel 2.0.36

My RH 5.2 box appears to have the 2.0.33 kernel on it, which is confusing 
me. I think I am going to put this down to "it's my husband's, and he 
messes about with it". 

> They are both webservers, and part of my job is to keep them updated with 
> current documents.  I do not have ftp enabled on either of the boxes (and 
> am not permitted to), and have been using an ftp server as an intermediary, 
> but it is going to go away soon.  I have been trying to use scp, but it 
> works only to linuxbox1 (SSH Version 1.3.5) and not linuxbox2 (SSH Version 
> OpenSSH-2.1)! >:|

I am glad someone else knew the details about different versions of 
ssh because I always forget them. I thought of lots of things it 
could be, but then I re-read your message and realised that no,
couldn't be them. 

> I'm not seeing anything in the howtos, and all my web searches have turned
> up dead ends.  Can somebody point me in the right direction, assuming 
> you've actually made it all the way through my long post?

I always had trouble setting up ssh, partly because I would be
paranoid and not get binaries, but get the source and compile it,
(which is stupid, because I wouldn't spot a hole in it even if it
had a name like stealallpasswords() there). Finding the rpms for
all the security toys on ftp.redhat.de helped, before it was legal
to export them from the US. 

My suggestion would be to get openssh, I think. I don't know whether
and where there are rpms for RH 5.x. There must be: there are plenty
of people still using it and wondering whether they should upgrade
to RH 6.x now :) But if you get the source rpms, be aware they take
_ages_ to compile. Much longer than a kernel on the same machine,
and longer than gnome-libs and gnome-core (which take a good while).
I gather it's because part of the build process involves trying a
number of different things and deciding which is going to be best
in terms of speed or security when you're running it. I just saw
it going through apparently the same lines again and again and
boggled. (Took two hours on a Cyrix ("almost a pentium") 233 with
32 megs of RAH, and nearly half an hour on a K6 with 64 megs.) I
think I would get the binaries and check the key and checksum with
rpm -K carefully in future :) (I gather someone did once put up
"safe" but tinkered-with ssh rpms where the signature didn't match
just to see how many people installed them without checking --
and posted the results to bugtraq. Apparently a lot of people 
did just cheerfully install them.)

Telsa




More information about the Techtalk mailing list