Scheduled opening/closing of ports

Discuss and get help configuring CacheGuard to protect Web servers
Douglas
Posts: 55
Joined: 15 Feb 2018 12:04

Re: Scheduled opening/closing of ports

Post by Douglas » 10 Aug 2018 13:58

Success! Thank you!

User avatar
david
Posts: 148
Joined: 08 Aug 2015 20:38

Re: Scheduled opening/closing of ports

Post by david » 10 Aug 2018 14:04

Happy to hear that :) You are very welcome! Out of curiosity, can you please tell me what SSH client do you use? (because I saw the ssh command in one of your post).

BR,
David Jan
CacheGuard Technical Team
https://www.cacheguard.com

Douglas
Posts: 55
Joined: 15 Feb 2018 12:04

Re: Scheduled opening/closing of ports

Post by Douglas » 10 Aug 2018 14:08

That is success i.e. login via Putty no longer prompts for password, but
ssh admin@10.0.10.254 "firewall external off R1 ; apply force ; quit"
is still prompting for a password.
Must be it doesn't know where the private key is, as I was able to tell Putty where it is.

User avatar
david
Posts: 148
Joined: 08 Aug 2015 20:38

Re: Scheduled opening/closing of ports

Post by david » 10 Aug 2018 14:22

Yes, I think that should be the reason.

I assume that you have the ssh command under Windows. Please refer to your Windows documentation to know where to put the SSH private key and in which format. Maybe at the C:\Users\<username>\.ssh\id_rsa location and in OpenSSH format?

I don't know how it should be under Windows but under Linux the private key should be readable/writable only by its owner (<username> here). Otherwise it won't work!

BR,
David Jan
CacheGuard Technical Team
https://www.cacheguard.com

Douglas
Posts: 55
Joined: 15 Feb 2018 12:04

Re: Scheduled opening/closing of ports

Post by Douglas » 10 Aug 2018 14:46

Using Putty as my Windows SSH client and having created a profile in it called "CacheGuard" the following command line now works, because I told that Putty profile where my private key is under Connection, SSH, Auth, Private key file...:
putty.exe -ssh -load CacheGuard -m "C:\CacheGuard\FtpOff.txt" -t

FtpOff.txt contains:
firewall external off FTP21 ; apply force ; quit
Where FTP21 is an external rule.

The command line above is now in BlockFtp.bat and I've changed "Off" to "On" above, for UnblockFtp.bat.
These bat files are now called from Scheduled Tasks to achieve the availability of our FTP Server only during office hours.
Job done, I hope ;-)

Thanks again David.

User avatar
david
Posts: 148
Joined: 08 Aug 2015 20:38

Re: Scheduled opening/closing of ports

Post by david » 10 Aug 2018 15:21

Thank you for your feedback!

Best Regards,
David Jan
CacheGuard Technical Team
https://www.cacheguard.com

Post Reply