Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: authentication method shell variable?

from [Atro Tossavainen] Network Security [Permanent Link]
Subject: Re: authentication method shell variable?
Date: Mon, 28 Aug 2006 12:31:18 +0300 (EEST) 
In a recent discussion about secure ssh use the idea of having ssh
export the authentication method as a shll variable. The idea being
to limit su access to only those who have used a public / private
key pair for authentication.


Obviously you'd have to be able to generate such content for the
envariable that it couldn't just be dreamed up, and could be verified
by the next step, and you'd have to modify su/sudo to actually do the
verification.

Whether SSH could export any desired content into an envariable is not
the point (the answer is "of course, it does that all the time"), and
bash (or whichever shell) is not relevant to the issue at all as su/sudo
handling is not performed by the shell but by the respective programs
themselves.

-- 
Atro Tossavainen (Mr.)               / The Institute of Biotechnology at
Systems Analyst, Techno-Amish &     / the University of Helsinki, Finland,
+358-9-19158939  UNIX Dinosaur     / employs me, but my opinions are my own.
< URL : http : / / www . helsinki . fi / %7E atossava / > NO FILE ATTACHMENTS
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: authentication method shell variable?, Greg Wooledge
Next by Date:  Re: authentication method shell variable?, Derek Martin
Previous by Thread:  Re: authentication method shell variable?, Greg Wooledge
Next by Thread:  Re: authentication method shell variable?, Derek Martin
Indexes:  [Date] [Thread] [Top] [All Lists]