Hi Mike, In context below, I am reading these ideas starting with yours here. On Wed, 10 Oct 2018, Mike wrote:
Hi Karen,
I'm going to guess that the "business decision" is basically to conform to current acceptable security practices, possibly even for liability reasons.
granted, I have not as of yet heard back from Brian regarding my question. However since dreamhost benefits from their corporate hosting donating program with the IRS, failing to inform nonprofit organizations of said business decision prior to impacting their mission could carry legal ramifications as well. I have asked Brian to document how this information was shared with all of the organizations in their program in advance.
Question: Do you, or your colleague, have administrative (or "root") privilege to your hosted system? If so, you could re-enable the deprecated algorithms without Dreamhost's help (or permission).
I doubt this, as our account is a shared one. However what would I review in our control panel to learn if this might be the case?
However, I have what may be an easier solution, one that I should already have thought of: If you still have working SSH-based shell access to a different host, you should be able to SSH FROM THERE to your dreamhost system.
Mike, this is the ban-aid I have been using to at least try and manage company communications. i ssh from my shellworld personal account into our dreamhost one. I suspect security concerns, the process lists a slightly incorrect domain name for us. Further shortly after this started, i began getting more of those ransom related e-mails using our password as proof they know me. Most important though, I require direct access to our dreamhost shell space from my desktop. I need to access files uploading and downloading from there, and keeping that information separate from my personal shell. As it stands anything that must change hands has to be first uploaded to shellworld, than sent as an attachment to curtain up which cannot be done when the file is production audio etc.
That is, SSH to your other shell account, and instead of running your email program, run "ssh user@eugene...", and once connected to eugene, proceed as though you were connected directly.
Accept that I am not connected directly, I am connected via another shell. I cannot move files to and from, which is important for what we do.
Such plumbing is often necessary for a variety of reasons. Just make > sure you know where you are. The commands "whoami", and "hostname" are often useful!
Thanks again Holmes! Cheers, Kare
On 10/9/18, Karen Lewellen via talk <talk@gtalug.org> wrote:
Hi Mike and everyone. Below is the explanation from dreamhost regarding my dh key exchange situation. A bit of background. Dreamhost has a special program allowing International Nonprofit organizations who can demonstrate tax exempt status to have a hosting account with their service. My employee got such an account years back, they have offices both in new York and Toronto. I have asked Brian to share the documentation dreamhost provided its nonprofit organization members in this program of their so called business decision. I pointed out that many in the nonprofit sector are using less than hot off the shelf tools to manage their internet efforts, with this business decision creating a risk for more than myself. Further, I pointed out that I am at the moment, physically incapable of making changes having not been able to work fully since the end of June. I share his first post, I have not gotten an answer yet to my reply. I dare say the simple solution would be, if they exists, an easy way to manage it, finding another company all together. At the same time though I would welcome educating other dreamhost customers, say via there twitter presence, if they have one. Thoughts on their explanation? Karen <dreamhost e-mail begins below this line:>
On Mon, 8 Oct 2018, DreamHost Customer Support Team wrote:
Hello,
"I don't see that there should be any trouble connecting to
dreamhost.com..."
Simply connecting to dreamhost.com is not a valid test, as there are no customers ever hosted on our main web site. That server is reserved for internal use only. It has only internal use logins on it. Encryption is maintained via a separate system.
"However there is a problem with Eugene.dreamhost.com Since dreamhost.com still should allow my ssh client to connect, the question is if my account can be placed on a server that will allow such a connection."
Again, we are not hosting customers on any servers that support the method of encryption you're looking for. I wish we could, but we have made a business decision not to support that type of connection style for customer logins. We will be updating dreamhost.com shortly.
"You were going to move our account in any case, at least I have e-mails saying that was going to happen."
That will simply be a move of email, to a different email server. This is unrelated to where your web service lives.
Sorry I can't be of more help here.
Thanks! Brian H
-- To continue this support case, just reply to this email. Check our Knowledge Base tips and how-tos! https://help.dreamhost.com/ Don't forget the expert content on our blog: https://www.dreamhost.com/blog/
------------------------------------------------------------------------ Are you happy with this response to your support inquiry?
YES https://www.dreamhost.com/survey.cgi?h=y&n=154364736&m=4145361
NO https://www.dreamhost.com/survey.cgi?h=n&n=154364736&m=4145361 ------------------------------------------------------------------------
--- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk