#ssh archives - The musings of an IT Consultant


Apr 29 2009   3:45PM GMT

Cisco SSL VPN for the ASA



Posted by: Raj Perumal
Cisco ASA, SSL VPN, RDP, #ssh, SSL VPN on the road, IPSEC VPN, SSL VPN licenses, Adaptive Security Appliance

So you have probably heard about SSL VPN by now if you are a network administrator. This is the ability to use SSL to make a VPN connection between you and your corporate network. SSL VPN has been around for a long time but I still find that a lot of people haven’t embraced it up here in Winnipeg.

I still see customers using IPsec VPN for the most part, and when they are on the road travelling with their laptop they have issues connecting back to their corporate network because whichever Internet cafe or airport they are in is blocking the ports required to make the connection. There is one port that you can pretty much guarantee will always be left open in an Internet cafe or other public access point, and that’s port 443, which is what SSL VPN uses.

With the Cisco ASA, you get 2 free licenses of SSL VPN. It is extremely easy to configure and offers many plugins for VNC, SSH, and even RDP. You basically launch a web browser and connect to your domain name, for example “ssl.yourdomainhere.com”, and then you can log in using your credentials, which can be either local or Active Directory authenticated, and connect to your network. From there you are given a launch web page with a few options on what you would like to connect to. As the administrator you can pre-populate this web page with bookmarks to RDP to servers, or even to SSH into a server. You can even browse the web through the SSL VPN connection instead of through your normal one, to get access to web sites you normally couldn’t access.

If you own a Cisco ASA, I urge you to try out the SSL VPN functionality; if you like it, you can purchase extra licenses for all your users.

-RP

Feb 6 2009   4:54PM GMT

Enabling SSH on a VMware ESXi Server



Posted by: Raj Perumal
VMware ESXi, Enable SSH, Enable SSH on ESXi, Enable SSH on VMware ESXi, shell access, BusyBox, Linux, /etc/inetd.conf, vi, #ssh, ESX, VMware ESX, script, scripts, scripting, unsupported

For those of you who are used to having service console access in VMware ESX server, you might find yourself in for a bit of a surprise when you try to do this with ESXi. By default you do not have access. However, there is a way to enable access to the console.

Why do you need access to the console? Console access gives you the ability to troubleshoot larger support issues when things aren’t working the way they should, and it also enables you to run some pretty cool scripts that are available out there on the Internet.

The ESXi console uses BusyBox so it is different from ESX even after you get console access. To enable SSH access to the shell, please do the following:

  • From the ESXi console hit Alt-F1
  • Type in the word unsupported and hit enter (you will not see the characters appear on the screen)
  • Type in your root password
  • Edit the /etc/inetd.conf file by typing in vi /etc/inetd.conf
  • Scroll through the file until you find the line that says #ssh and delete the # sign
  • Save the file
  • Now you can reboot the ESXi server and you will have shell access
  • Alternatively you can run the /sbin/services.sh restart command to restart the management services without rebooting the box.

-RP
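
The vi edit from the steps above, scripted, as an added example that is not from the original post: it reports whether the ssh service line in an inetd.conf-format file is commented out and uncomments it while keeping a backup. The sample file, its placeholder program paths and the function names are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# An inetd service line is "service socket-type protocol ...", so match "ssh stream"
# rather than any line that merely mentions ssh.
SSH_LINE='ssh[[:space:]][[:space:]]*stream[[:space:]]'

# ssh_state FILE: prints enabled, disabled (commented out) or absent
ssh_state() {
    if grep -q "^[[:space:]]*$SSH_LINE" "$1"; then
        echo enabled
    elif grep -q "^[[:space:]]*#[[:space:]]*$SSH_LINE" "$1"; then
        echo disabled
    else
        echo absent
    fi
}

# enable_ssh FILE: delete the leading # from ssh service lines only.
# Does nothing if ssh is already enabled or absent; keeps the original as FILE.bak.
enable_ssh() {
    [ "$(ssh_state "$1")" = disabled ] || return 0
    cp "$1" "$1.bak" || return 1
    sed "s/^\([[:space:]]*\)#[[:space:]]*\($SSH_LINE\)/\1\2/" "$1.bak" > "$1"
}

# make_sample FILE: write a constructed inetd.conf so the example runs offline
make_sample() {
    cat > "$1" <<'EOF'
# Constructed sample in inetd.conf format; program paths are placeholders.
# ssh is disabled by default
#ssh stream tcp nowait root /placeholder/sshd sshd -i
#ssh stream tcp6 nowait root /placeholder/sshd sshd -i
authd stream tcp nowait root /placeholder/authd authd
EOF
}

# Demo on a temporary copy; on a real host FILE would be /etc/inetd.conf,
# followed by the reboot or services restart described in the steps above.
f=$(mktemp) && make_sample "$f"
echo "before: $(ssh_state "$f")"
enable_ssh "$f"
echo "after:  $(ssh_state "$f")"
rm -f "$f" "$f.bak"
```

Running `ssh_state` on its own is also a quick way to check whether a host has had this unsupported SSH access switched on.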