Networks are effective when users are able to read their files and run their programs from remote locations. If you have users who often need remote access, you should consider configuring some Linux remote access services.
There are a number of different ways to access a Linux computer from a remote location. Several remote access services are controlled by the Extended Internet Services Daemon, xinetd . This daemon listens to ports such as those associated with the FTP and Telnet services. If you have the appropriate servers installed, xinetd starts these services upon request.
The xinetd daemon controls the operation of a number of remote access services, including the Remote Shell (RSH), Telnet, FTP, and POP3. Once installed, each of these services includes configuration files in the /etc/xinetd.d directory. You activate each service through these files; in many cases, you can also create a service-specific firewall.
Using the TCP Wrappers system, you can configure a detailed firewall for xinetd services. To regulate access to individual or all xinetd services, you customize /etc/ hosts .allow and /etc/hosts.deny . You can still regulate access with an iptables firewall as described in Chapter 22 .
A number of xinetd services send messages in clear text. In Chapter 22 , you ve seen how this can put even your passwords at risk. One alternative for remote access to a Linux computer is the Secure Shell (SSH). The SSH daemon can be configured with private and public keys to encrypt messages over a network.
With all of these levels of security, it isn t always easy to diagnose a service problem. If users are having trouble accessing a server, you may need to check the available firewalls, one at a time. Other possibilities are that services are not active, or that various iptables commands or TCP Wrappers are blocking access.