Forum : The BROKeN BuBBLe

Locked down BBS?

From Dennisk@VERT to All on Friday, May 15, 2020 10:00:00

I just want to know how easy is it, or if it is possible, to configure Synchronet in such a way that it is effectively a private meeting space.

My vision is this, a BBS style system, which is accessibly by SSH only, which is invite only. You cannot just log in and create a new account, there must be one created for you by a Sysop. A personal online meeting space, which isn't owned or hosted by some third party like Facebook. Obviously, being text based, its limited, but there are advantages, which is ease of setup and no barrier to entry and DOORs. Also, I don't want it on the web, or indexed by Google. There isn't a need or desire for that because its just for the people who are involved in it.

At the moments, groups use a heterogenous approach, they might have an email list, a website, a FB group (open and/or closed), chat by FB messenger or whatever but a BBS style system could serve multiple needs in one space.

Can Synchronet be secured in this manner easily and reliably? I could just block all other open ports except SSH, but this seems unsatisfactory.

... Dennis Katsonis
--- MultiMail/Linux v0.52
* Origin: Mind's Eye BBS - mindseye.ddns.net - Australia (3:633/416)
� Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net

From Digital Man@VERT to Dennisk on Thursday, May 14, 2020 18:10:29

Re: Locked down BBS?
By: Dennisk to All on Fri May 15 2020 10:00 am

Can Synchronet be secured in this manner easily and reliably? I could just block all other open ports except SSH, but this seems unsatisfactory.

Yes.

digital man

This Is Spinal Tap quote #21:
So when you're playing you feel like a preserved moose on stage?
Norco, CA WX: 70.9�F, 55.0% humidity, 5 mph ESE wind, 0.00 inches rain/24hrs

---
� Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net

From Tony Langdon@VERT to Dennisk on Friday, May 15, 2020 12:32:00

On 05-15-20 10:00, Dennisk wrote to All <=-

Can Synchronet be secured in this manner easily and reliably? I could just block all other open ports except SSH, but this seems
unsatisfactory.

You can shut down the services you don't want ans also disable the gues user and prevent new user signups. I tested the latter on a test system and wasn't even able to create the sysop account on a new installation. :)

... We have just enough religion to hate, but not enough to love - J. Swift
=== MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
� Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net

From calcmandan@VERT/DIGDIST to Tony Langdon on Friday, May 15, 2020 06:00:00

Tony Langdon wrote to Dennisk <=-

On 05-15-20 10:00, Dennisk wrote to All <=-

Can Synchronet be secured in this manner easily and reliably? I could just block all other open ports except SSH, but this seems
unsatisfactory.

You can shut down the services you don't want ans also disable the gues user and prevent new user signups. I tested the latter on a test
system and wasn't even able to create the sysop account on a new installation. :)

Now that's what you talk about locked down. So private that not even the sysop can join without an invite.

haha

... We have just enough religion to hate, but not enough to love - J. Swift === MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au
(3:633/410)
= Synchronet = Vertrauen = Home of Synchronet = [vert/cvs/bbs].synchro.net

... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
� Synchronet � Digital Distortion: digitaldistortionbbs.com

From Dennisk@VERT/MINDSEYE to Digital Man on Friday, May 15, 2020 13:04:00

Digital Man wrote to Dennisk <=-

Re: Locked down BBS?
By: Dennisk to All on Fri May 15 2020 10:00 am

Can Synchronet be secured in this manner easily and reliably? I could just block all other open ports except SSH, but this seems unsatisfactory.

Yes.

digital man

Thank you. The Mystic documentation made it clear that you could have that kind of set up. I was just wondering about Synchronet, before I invest time in setting it up.

... Dennis Katsonis
--- MultiMail/Linux v0.52
� Synchronet � Mind's Eye - mindseye.ddns.net - Melbourne Australia

From Tony Langdon@VERT to calcmandan on Friday, May 15, 2020 18:50:00

On 05-15-20 06:00, calcmandan wrote to Tony Langdon <=-

You can shut down the services you don't want ans also disable the gues user and prevent new user signups. I tested the latter on a test
system and wasn't even able to create the sysop account on a new installation. :)

Now that's what you talk about locked down. So private that not even
the sysop can join without an invite.

Yeah, I was experimenting, as I am looking at creating a closed BBS for a local radio club. Call that a success. :)

... Error reading FAT Table...Try Skinny one ? (Y/N)
=== MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
� Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net

From DaiTengu@VERT/ENSEMBLE to Dennisk on Friday, May 15, 2020 11:21:17

Re: Locked down BBS?
By: Dennisk to All on Fri May 15 2020 10:00 am

I just want to know how easy is it, or if it is possible, to configure Synchronet in such a way that it is effectively a private meeting space.

My vision is this, a BBS style system, which is accessibly by SSH only, which is invite only. You cannot just log in and create a new account, there must be one created for you by a Sysop. A personal online meeting space, which isn't owned or hosted by some third party like Facebook. Obviously, being text based, its limited, but there are advantages, which is ease of setup and no barrier to entry and DOORs. Also, I don't want it on the web, or indexed by Google. There isn't a need or desire for that because its just for the people who are involved in it.

It should be pretty simple. you can disable services you don't want running in the config, disallow new users, or, alternatively, require new users to know a password in order to create an account.

DaiTengu

... Do something unusual today. Pay a bill.

---
� Synchronet � War Ensemble BBS - The sport is war, total war - warensemble.com

From Dennisk@VERT/MINDSEYE to DaiTengu on Saturday, May 16, 2020 20:19:00

DaiTengu wrote to Dennisk <=-

Re: Locked down BBS?
By: Dennisk to All on Fri May 15 2020 10:00 am

I just want to know how easy is it, or if it is possible, to configure Synchronet in such a way that it is effectively a private meeting space.

My vision is this, a BBS style system, which is accessibly by SSH only, which is invite only. You cannot just log in and create a new account, there must be one created for you by a Sysop. A personal online meeting space, which isn't owned or hosted by some third party like Facebook. Obviously, being text based, its limited, but there are advantages, which is ease of setup and no barrier to entry and DOORs. Also, I don't want it on the web, or indexed by Google. There isn't a need or desire for that because its just for the people who are involved in it.

It should be pretty simple. you can disable services you don't want running in the config, disallow new users, or, alternatively, require
new users to know a password in order to create an account.

DaiTengu

Got it set up and running. With Mystic, disabling services seems more explicit, but blocking the ports ought to do it for any server.

... Dennis Katsonis
--- MultiMail/Linux v0.52
� Synchronet � Mind's Eye - mindseye.ddns.net - Melbourne Australia

System Info

Sysop:	MCMLXXIX
Location:	Prospect, CT
Users:	325
Nodes:	10 (0 / 10)
Uptime:	153:15:01
Calls:	507
Messages:	219703