[mdlug] Remote SSH commands
Ingles, Raymond
Raymond.Ingles at compuware.com
Wed Jan 12 09:02:46 EST 2011
For running a fixed set of commands, you might consider the program I
wrote, "Ostiary". It is designed to securely run only a specific set of
commands, and can be configured to run them as any particular user. (On
my machines, one of those commands is 'enable ssh login', of course.)
The gory details here: http://ingles.homeunix.net/software/ost/
Sincerely,
Ray Ingles (313) 227-2317
"Lately I've been getting the impression that overzealous censorship
[...] is an adult manifestation of fear of cooties." - anonymous
>
The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it.
> From: mdlug-bounces at mdlug.org [mailto:mdlug-bounces at mdlug.org] On
Behalf Of
> Michael ORourke
> Sent: Tuesday, January 11, 2011 11:53 PM
> To: MDLUG's main mailing list
> Subject: [mdlug] Remote SSH commands
>
> Lug Nuts,
>
> Anyone out there using the "forced-commands-only" option under
OpenSSH?
>
> From what I have read, it sounds like it's a pain to administer
because it
> is based on key-pairs. I'm just curious if other admins are using
that
> option and restricting remote root logins. It's extremely handy to
run
> commands from a central server as root, but breaks if you set
> "PermitRootLogin no" in the sshd_config.
>
> -Mike
>
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
More information about the mdlug
mailing list