ckusmierz

asked on

Linux shell management

We have implemented a new ERP system and are using seven Datalogic portable data terminals logging in to a Linux VM using telnet connections over WiFi. The problem I am facing is we only have seven licenses for our handheld units, and at times a unit will lose connection and the user has to log back into their telnet session; however, their old shell on the VM is orphaned and we cannot log in due to the license restrictions. I have set the units up so I can identify each unit by userid so I can kill the duplicate sessions, but it happens enough that managing it this way is not practical as a long-term solution.

I know just enough Linux to be dangerous but not enough to accomplish what I would like to do, which is: when a user HH1 or HH2 or HH3 logs in, I would like to kill any existing shells for the user so each handheld is a one to one between the physical unit and the shell on the VM.

Any ideas on how to do this? We use TelNetCE on the units and just telnet, and the users have a simple green screen, character based, menu driven system.

Thanks
David Favor

Surely you mean ssh + not telnet, as telnet has zero security. Everything is plain text.

If you're using ssh, then ssh will kill + clean up connections when they're broken.

With telnet, likely no easy way to do this... I suppose you could modify the telnet source... I'd just switch to ssh...
noci

Please check out how to use SSH.
TELNET is a sure way to publish passwords, esp. when accessing the site through WiFi...

There should be lots of options to get something like PuTTY plain SSH or likewise terminal emulators for accessing the central site.
If you need to persist using telnet, then at least use stunnel or likewise tools to create secure channels to your server.

(SSH is probably the easiest solution).
And noci's being nice.

Another way to translate what he's saying...

If you love getting hacked, use clear text tech like... telnet, rsh, ftp, CMS systems with no SSL cert.

If you'd like some inspiration, you can hire a pro for a few $100 to break into an office near some target business.

Run AirCrack to break the WiFi. AirCrack only requires roughly 85K worth of packet flow to crack any line.

Then just record all the packets. So in a matter of... Usually only a few minutes... Anyone who can install + run AirCrack + tshark can have logins for all your clear text data shortly.

Guideline: Never run any clear text protocol... ever... no exceptions...

I can't tell you the number of clients I've had come to me to clean up hacks + usually the root cause was some clear text tech running somewhere.
ckusmierz

ASKER

Thanks for the replies. I understand the security concerns and am pursuing the SSH option. I tested this through PuTTY and the host does support SSH, and seems to terminate sessions as I need; however, the clients do not support SSH by default, so I need to download, install and configure the handhelds. I have seven units to cycle through this process.

In the interim I was hoping a simple login script could solve my immediate problem. When each user logs in I would like to run a script which executes a -who- and outputs the results to a temp file, then run a grep on this file looking for the user name and performing an -skill -kill -v pts/#- to kill any previous shells for the user. Is this doable?

Again, thanks for the help.
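
The interim login script asked about above, sketched as an added example that is not part of the original thread. It pipes `who` straight into a filter instead of using a temp file and uses `pkill` in place of `skill`; the function names, the `hh-session` log tag and the HH account-name pattern are assumptions.

```shell
#!/bin/sh
# Added example: close a handheld account's older sessions at login.
# Assumption: handheld accounts are named HH1, HH2, ... as in the question;
# adjust the pattern in is_handheld to the real account names.

# Succeeds only for handheld accounts, so admin logins are never touched.
is_handheld() {
    case "$1" in
        [Hh][Hh][0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Reads `who` output on stdin; prints every tty held by user $1 except $2.
stale_ttys() {
    awk -v u="$1" -v t="$2" '$1 == u && $2 != t { print $2 }'
}

# Call this from the handheld account's ~/.profile.
kill_stale_sessions() {
    user=$(id -un)
    cur=$(tty) || return 0          # not on a terminal: nothing to do
    cur=${cur#/dev/}
    is_handheld "$user" || return 0
    who | stale_ttys "$user" "$cur" | while read -r old; do
        # HUP first, as a dropped line would, so the menu program can exit
        # cleanly. Runs as the user itself, so no root is needed.
        pkill -HUP -u "$user" -t "$old"
        sleep 2
        pkill -KILL -u "$user" -t "$old"   # anything that ignored HUP
        logger -t hh-session "user=$user closed stale tty=$old new tty=$cur"
    done
}

# Constructed sample of `who` output (not captured from a real host).
SAMPLE_WHO='hh1      pts/0        2024-01-15 08:02 (10.0.0.21)
hh2      pts/1        2024-01-15 08:05 (10.0.0.22)
hh1      pts/4        2024-01-15 09:40 (10.0.0.21)
root     tty1         2024-01-15 07:55'
```

The `logger` line leaves a syslog record of every forced close, which helps show how often the handhelds are dropping off the WiFi.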
NB! Even better than ssh (which still drops connections if your WiFi connection gets disturbed) would be mosh for your specific case. It has link roaming i.e. if your client device switches networks (one wifi drops and it picks up another one) your mosh connection to your server will stay alive and it will wait for the packets to go again. It needs ssh for the connection security as an underlying technology, though.
https://mosh.org/