Re: a little progress on control software

["Dirk Terrell" <terrell@boulder.swri.edu>]

On Sun, 16 Dec 2001 14:33:55 -0500, Stupendous Man wrote:

>  Anyone who wants to send me tips or suggestions on arranging 
>a means by which a socket on the "control computer" can listen for
>commands from _other_ computers, please do.  I've verified that a 
>simple telnet connection will do the trick -- but, of course, I don't
>want to set up a computer to accept all incoming telnet packets.
>If you can tell me how to modify my /etc/services or other files
>to do this in a secure fashion, I'd appreciate it.  I'd also appreciate
>advice from people who say, "It can't be made secure -- don't bother."

Two possibilities spring to mind: (1) tcpwrap the port or (2) use an
ssh tunnel. The latter is the more secure but the former is a bit
simpler. For (2) you'd set up sshd on the listening machine (and have
it only acept connections from desired machines). See the OpenSSH site
at www.openssh.org or you may already even have it (e.g. Red Hat 7.x
installs it by default). On the talking machine, you'd use the ssh
client with local port forwarding, e.g.

ssh <listener> -L localhost:1024:<listener>:1024

where "1024" is the port you're using and <listener> is the hostname/IP
of the camera controller. Then you'd telnet to localhost:1024 and the
packets would get passed securely through the tunnel. Batch scripts
could dump stuff to localhost:1024 after setting up the tunnel for
unattended operation. For the Windows users, the client side is also
pretty easy to set up.

Dirk