Package: wnpp Severity: wishlist Owner: Russ Allbery <[EMAIL PROTECTED]>
* Package name : remctl Version : 1.7 Upstream Author : Russ Allbery <[EMAIL PROTECTED]> * URL : http://www.eyrie.org/~eagle/software/remctl/ * License : MIT/X Description : remote Kerberos-authenticated command execution remctl consists of a client and server for executing specific commands on a remote system with Kerberos authentication. The allowable commands must be listed in a server configuration file, and the executable run on the server may be mapped to any command name. Each command is also associated with an ACL containing a list of Kerberos principals authorized to run that command. Included in this package is both the client (remctl) and the server (remctld). The server will not be started automatically. I didn't write this package, but I'm also the upstream maintainer (as part of my day job at Stanford). There are a lot of variations on this basic idea out there, from the original IBM sysctl (which we used prior to remctl at Stanford), to comprehensive management packages like Moira or ADM, to DESY and CERN's ARC, but remctl aims at being something close to a minimal implementation of the concept. It makes no assumptions about the rest of your infrastructure, requires no particular scripting language, and is a self-contained C implementation. We've been using it extensively at Stanford for some years now, all over our infrastructure, primarily for privilege delegation (put privileged keys on one system, write scripts that perform privileged operations with those keys, audit for security as with CGI scripts, and provide a remctl interface to run the scripts). -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.26 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
