__/ [ Allis ] on Tuesday 28 February 2006 16:34 \__
> Knowing the little foolery that wise men have makes a great show, Roy
> Schestowitz has proclaimed :
>
>> __/ [ jim ] on Tuesday 28 February 2006 08:37 \__
>>
>>> I've been out of the web design business for about 2 years. This
>>> month I signed up several clients...however, one client already had a
>>> two year contract with a hosting service, the full cpanel set of
>>> options including ssh access.
>>>
>>> The problem is this: the hosting service is requiring a photo id to
>>> active the shh service. I know at some hosting services you have to
>>> ask for ssh to be activated, but I've never heard of a hosting
>>> service requiring a photo id...I mean they took the guy's money and
>>> credit card and didn't require photo id...
>>>
>>> Is this usual these days???? Has something changed?? Oh, the
>>> hosting service is bluehost.com
>>>
>>> thanks....
>>>
>>> jim
>>
>> What does the client need SSH access for? Any X-forwarding involved? A
>> quick session with the GIMP? If not, phpshell can be used as well,
>> merely as a powerful alternative.
>>
>> Many hosts dread the thought of clients connecting to their vital
>> machines unless they have known the client in question for many years
>> and believe him/her to be a trustworthy person. So, there's your
>> question you need to ask yourself or have the client ask him/herself:
>> has sufficient trust been established?
>>
>> Roy
>>
>
> Adding a note: Be careful of just adding a phpshell to the account
> without the host's knowledge.
> Many of these are abused, and hosts run server searches for them, disable
> and shut off the account for doing so.
You are the second person who has told me this. *gasp* Now I'm getting a
little worried.
Well, I put it in a password-protected directory, phpshell itself is
password-protected and I only ever use it for very fundamental things. I am
aware of people who got the server under fire because of poor password
choices or negligence.
What about phpproxy? Any restrictions on that? I soon password-protected that
small-yet-powerful program. It could lead to any arbitrary type of traffic
and can cripple the server.
|
|