On 18.12.2006 01:27, Crispin Cowan wrote:
Martti Laaksonen wrote:
You might want to look into using public keys for user authentication and setting some options to a specific key(s) in ~/.ssh/authorized_keys file.
There's more info in sshd's man page (paragraph Authorized_keys file format), but basically you can restrict a specific public key to execute only a certain command by placing command="command_name" option before the public key data in the authorized_keys file.
Martti's suggestion and mine work very well together. The above enforces that a user ssh'ing into the machine can only run a single command, and my suggestion gives you mandatory policy control over what that command can do. Using the hardlink hack, you can make the command unique to a user, or generic to a role.
True! These techniques combined offer great flexibility that does not sacrifice security. In my particular case, however, the command being executed should not be subject to 'twisting' of its normal behavior. Also, AppArmor is not around when you don't have SuSE... -- Blade hails you... One night I dreamt a white rose withering a newborn drowning a lifetime loneliness I dreamt all my future. Relived my past And witnessed the beauty of the beast --Nightwish