Re: [Pdbwiki-devel] Backups

Dan Bolser

unread,

Dec 20, 2010, 6:52:02 AM12/20/10

to Jose M. Duarte, BiO.CC server interface, pdbwik...@bioinformatics.org, Ritchie Smith, Bryan Bishop

On 20 December 2010 11:34, Jose M. Duarte <jose.m...@gmail.com> wrote:
>
>> > PS: the weekly update is running right now from mpi to bifx.org. All
>> > looks
>> > fine :)
>>
>>
>>
>
> Completed now successfully. I can try to start setting things up with the
> update pipeline at bio.cc. Dan could you share login details "offline"? Or
> are the old logins still working?

Can anyone advise on how best to set up access to bio.cc?

Jose had an account: "/BiO/Live/Scientists/jose/", but I'm guessing
his IP isn't currently allowed to login?

I'd also like to allow logins for kanzure and my friend Narrenschiff.
Is it required that they all provide details of their likely IP range?

Cheers,
Dan.

> By the way I've been trying to get dropbox running, but surprise surprise
> they block access to it from here! I'll fight to get the block lifted!
>
> Jose
>
>

Sung Gong

unread,

Dec 20, 2010, 12:07:39 PM12/20/10

to Dan Bolser, Jose M. Duarte, BiO.CC server interface, pdbwik...@bioinformatics.org, Ritchie Smith, Bryan Bishop

On 20 December 2010 11:52, Dan Bolser <dan.b...@gmail.com> wrote:
> On 20 December 2010 11:34, Jose M. Duarte <jose.m...@gmail.com> wrote:
>>
>>> > PS: the weekly update is running right now from mpi to bifx.org. All
>>> > looks
>>> > fine :)
>>>
>>>
>>>
>>
>> Completed now successfully. I can try to start setting things up with the
>> update pipeline at bio.cc. Dan could you share login details "offline"? Or
>> are the old logins still working?
>
> Can anyone advise on how best to set up access to bio.cc?
>
> Jose had an account: "/BiO/Live/Scientists/jose/", but I'm guessing
> his IP isn't currently allowed to login?
>
> I'd also like to allow logins for kanzure and my friend Narrenschiff.
> Is it required that they all provide details of their likely IP range?

Have you looked /etc/hosts.allow?
You need to put some IP address to allow.

>
>
> Cheers,
> Dan.
>
>> By the way I've been trying to get dropbox running, but surprise surprise
>> they block access to it from here! I'll fight to get the block lifted!
>>
>> Jose
>>
>>
>

> --
> You received this message because you are subscribed to the Google
> Groups "BiO.CC server interface" group.
>
> BiOcentre proposes progressive concepts in using biological data, new types of databases, and new ways of looking at old problems. We encourage members to propose and realize radical and revolutionary methods in science and engineering.

Vimal

unread,

Dec 20, 2010, 12:17:59 PM12/20/10

to Sung Gong, Dan Bolser, Jose M. Duarte, BiO.CC server interface, pdbwik...@bioinformatics.org, Ritchie Smith, Bryan Bishop

Hi,
One possibility would be to add users to AllowedUsers in /etc/ssh/sshd_config. That way you don't need to add all the IP's to hosts.allow.

Vimal

--
http://vimalkumar.in

Dan Bolser

unread,

Dec 20, 2010, 12:43:24 PM12/20/10

to Vimal, Sung Gong, Jose M. Duarte, BiO.CC server interface, pdbwik...@bioinformatics.org, Ritchie Smith, Bryan Bishop

Cool, that sounds good. I'll give it a go later this evening.

>
> Vimal
>
> --
> http://vimalkumar.in
>
>

Dan Bolser

unread,

Dec 20, 2010, 5:31:19 PM12/20/10

to Sung Gong, Jose M. Duarte, BiO.CC server interface, pdbwik...@bioinformatics.org, Ritchie Smith, Bryan Bishop

On 20 December 2010 17:07, Sung Gong <su...@bio.cc> wrote:
> On 20 December 2010 11:52, Dan Bolser <dan.b...@gmail.com> wrote:
>> On 20 December 2010 11:34, Jose M. Duarte <jose.m...@gmail.com> wrote:
>>>
>>>> > PS: the weekly update is running right now from mpi to bifx.org. All
>>>> > looks
>>>> > fine :)
>>>>
>>>>
>>>>
>>>
>>> Completed now successfully. I can try to start setting things up with the
>>> update pipeline at bio.cc. Dan could you share login details "offline"? Or
>>> are the old logins still working?
>>
>> Can anyone advise on how best to set up access to bio.cc?
>>
>> Jose had an account: "/BiO/Live/Scientists/jose/", but I'm guessing
>> his IP isn't currently allowed to login?
>>
>> I'd also like to allow logins for kanzure and my friend Narrenschiff.
>> Is it required that they all provide details of their likely IP range?
>
>
> Have you looked /etc/hosts.allow?
> You need to put some IP address to allow.

OK, I just realised the AllowedUsers method is a bit risky, given that
it allows anyone anywhere in the world to try to hack the SSH ... I've
added one new ip address to the /etc/hosts.allow file, and I'll email
people privately to let them know how to login.

I'm also sorting through the list of entries there, as I think the two
main lists should be synchronized but aren't ... also I recognize a
few MPIMG IP addresses that I think are no longer needed.

I'll ping back when I have worked on the file so people can check that
things still work as expected.

Cheers,
Dan.

Dan Bolser

unread,

Dec 20, 2010, 6:20:52 PM12/20/10

to Sung Gong, Jose M. Duarte, BiO.CC server interface, pdbwik...@bioinformatics.org, Ritchie Smith, Bryan Bishop

Cheers Sung,

I'm a bit confused by that file, so I'm sorry if I've broken
anything... I commented out the lines that seemed to be allowing /
denying access to specific ports, because the spec doesn't mention
ports in that file (and the port lines didn't seem to be doing
anything as far as I can tell...).

Please check things and let me know... assuming I can get back in ;-)

Couple of questions about hosts.allow:

Does putting one IP In allow deny from everybody else? From the manual
I got the impression a 'process: ALL' line was needed to facilitate
that?

Some IP's seem to be being denied access to several processes...
couldn't we just put them in hosts.deny? i.e. 'ALL:
stinky.ip.address'?

I removed the old MPIMG IP addresses from hosts.allow (we won't have
them much longer). I guess we can drop the Cambridge IP addresses too?

Seems like a nifty system for keeping certain things secure but
certain things open.

All the best,
Dan.

Reply all

Reply to author

Forward