grml / grml-live

Build tool for Grml Live Linux
https://grml.org/grml-live/
126 stars 41 forks source link

SSH server boot: enable announce #73

Open lars18th opened 5 years ago

lars18th commented 5 years ago

Hi,

The current ssh cheat code doesn't activate any option to discover the server in the network (it only prints in the console the message You can connect with SSH to: .... And that's useless with a headless machine.

However, the GRML Live has the AVAHI-DAEMON service! So with these commands you can announce the server in the network:

cp /usr/share/doc/avahi-daemon/examples/ssh.service /etc/avahi/services
systemctl enable avahi-daemon.service
systemctl start avahi-daemon.service

So, I suggest to do this every time the ssh cheat code is used. It's free and easy to activate!

Futhermore, you can enhance it publising the password (as an option) in the Name of the server (now the default is grml; so you can use grml (pw:<password>)

I hope you aggree with this enhancement. It will simplifies the connection of a headless server booted with GRML Live.

jkirk commented 5 years ago

Hi!

Thank you for your suggestion. I like the idea. I haven't used the avahi-utils for quite some time now. But do I "guess" right (I just looked up an example :)), that one could then discover the SSH Service with the following command: avahi-browse -d local _ssh._tcp --resolve -t?

Apart from that I am not quite sure if publishing the password is good idea. Why would you want that? The password is set on boot, so it should be known to the user - and should be changed as soon as possible, of course.

/cc @mika What do you think?

mika commented 5 years ago

I like the suggestion WRT avahi, we should definitely give this a try!

Announcing the password calls for security troubles though, that's nothing I would consider to enable as default.