SSH boxes

[LynK]

Gentlemen,

What do you use for your SSH boxes. We are looking into this, and the only thing I have used was a 2800 router with a list of IPs and a tripplite console/ssh server which I did not like.

Looking to hear more information for those of you in the larger enterprises.

[icecream-guy]

Gentlemen,

What do you use for your SSH boxes. We are looking into this, and the only thing I have used was a 2800 router with a list of IPs and a tripplite console/ssh server which I did not like.

Looking to hear more information for those of you in the larger enterprises.

mostly is some variant of Linux, used to be wither Debian or Fedora,  but there are probably newer more secure distros available.


you _can_ build a menu system into that 2800 and make life a lot easier.

[Otanx]

We use an Redhat workstation. Currently this is a physical box sitting at our junior guys desk, but eventually we will have it virtualized. I actually do a lot of my work from our rancid server instead. Most of my tasks involve working on 20 or 30 boxes so being able to just do a for loop with clogin is a life saver.

For a console server we are using Opengear. I think the Tripplite ones are the same, and just rebranded. They work OK, but we do have a problem with them responding to ssh. It sometimes takes two or three tries to get them to respond. We did look at using a RPi, and USB serial cables. It is just a mess, and does not scale very well.

-Otanx

[wintermute000]

Some tricks here.
https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts

If you want an SSH jumphost with logging, privilege levels etc. then theres a ton of linux software out there

[deanwebb]

One would never, ever use a root account on a network device that has access to all the gear with a service account.   

Ever. 

Quit looking at me like that, the boss is getting a funny look on his face like he wants to audit our access or something crazy like that.