On my RaQ4i, don't want telnet allowed in any form, but I do want SSH for some site admins. If I disable shelling for sites, or users, it kills both telnet AND SSH. It there a way to get SSH without allowing telnet for a user?

Comment out the line that starts with "telnet" in your
/etc/inetd.conf file

Have SSH run as a daemon, and not through inetd.

This should work for you.

k, the telnet part is easy enough, but could you elaborate on the ssh part.. I installed SSH using the package for the cobalt raq....

If you install the openssh-pkg from cobalt the sshd 's running no matter if you activate/deactive the telnetd in the control panel.

So
- install openssh
- deactivate telnet in server administration
- active shell access for site(admins)

that's it

How to deactivate it ???

And by the way, what can SSH do and don't ? I am interested to offer SSH for my mysql users. Is this possible?

Firstly, you don't need shell access to offer MySQL... set up phpMyAdmin in a protected directory.

Secondly, SSH server is free... Get the package from http://pkg.nl.cobalt.com. It is the client side that can be expensive (but that is up to you customers to buy.)

I know I can use phpmyadmin, but I am having problems with it. So I am just trying to search for alternative.

I saw two packages in pkg.nl.cobalt.com , which one should I install?

And by the way, what command is restricted for ssh user ? Is it hard to set up for them ?

I am not sure about which packages... I just installed the server. Someone told me you are supposed to install them both, but it is working jsut fine.

Is it hard to set up ? Do my client need to set up RSA etc?

Well, I have the server part installed, and tried setting up RSA, but didn't get that to work.
When I create a keything with SecureCRT, the server tells me it's wrong. When I create a key file on the server, SecureCRT tells me it's wrong. I've tried other SSH tools, all the same results. I followed the rules by the books, followed my own rules, nothing worked.
So I gave up on RSA, but at least SSH is working fine...

Now, before I shutdown Telnet forever, is there a way to just stop Telnet? I'd like to be sure everything is working fine before I comment the entry in the inetd.conf and kill my only way in...

Someone please correct me if I'm wrong, but the two don't work together, thus if you can get in with SSH, then that was your 'test' and you can comment out the lines.

Hmm, that might be true, he he

But how do I stop telnet from my ssh shell?

Again, someone please correct me if I'm wrong, but I think we've come full circle now. Start at the top of the thread and see the second post.

I'm sorry if I'm not to bright :(

Anyway, I've commented the Telnet line and rebooted the server and that stops Telnet from running to...

Heh heh... well... did it all work?

Yeah, it all worked :)
Telnet is down and the SSH thing is up and running. It even still lets me in, he he

Don't you just love the excitement of reboots?!
I'm really wearing out the Refresh button on my browser at such times ;)

What's restricted in SSH ?

What's restricted? As opposed to Telnet: nothing I can think off...

By the way, if you have a RAQ (3), disable Telnet through the Control Panel.
When you comment out the line in inetd.conf, the server will send you a warning email that there's something really wrong with Telnet server and the monitor thingy will be flashing red.

Also, you don't need to reboot to stop telnet from working. After you comment out the line type:

/etc/rc.d/init.d/inetd restart

That will have the same affect, or is it effect :)? However, pingu is correct...with the RaQ you are better off disabling telnet through the Control Panel.

or killall -HUP inetd :)

Originally posted by pyng
or killall -HUP inetd :)

Oh yea...well my way is cooler than yours :D!