Miquel Mart?n L?pez escribió: > > Hi all! > We have several vt-100 terminal that log to the naub server at our office. > Still, some users without account in the main server would like to login to > another machine, so I was planning on creating a passwordless acount with a > shell that's a program that asks for usernames and then execs ssh -l > username. I didn't want to do a script to avouid ppl hitting ctrl+c and > having a passwordless account. I'm also worried about buffer-overflows and a > miriad things I'm too newbie to understand, so I'd appreciate any comments > on the security flaws you see on this: > Umm.. programs can have security flaws. How about using port redirection, a similar problem arised to a group of administrators I belong to and someon proposed, using port redirection, the following: iptables -t nat -A PREROUTING -p tcp --dport 9999 -j DNAT --to another_server:22 That way you do not depend on (sometimes unreliable) programs/daemons. Of course, you needed, Linux 2.4. Another solution would be to use applications such as (quick look to apt-cache search redirect) redir or rinetd.. Javi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Security in a shell that starts ssh
Javier Fernandez-Sanguino Peña Wed, 13 Jun 2001 05:48:29 -0700
- Security in a shell that starts ssh Miquel Mart?n L?pez
- Re: Security in a shell that starts ss... Aaron Dewell
- Re: Security in a shell that starts ss... Javier Fernandez-Sanguino Peña
- Re: Security in a shell that starts ss... Tim van Erven
- Re: Security in a shell that starts ss... Steve Greenland
- Re: Security in a shell that starts ss... Daniel Ginsburg
- Re: Security in a shell that starts ss... Tim van Erven
- Re: Security in a shell that start... Steven Huang
- Re: Security in a shell that starts ss... Steve Greenland
- Re: Security in a shell that starts ss... Daniel Ginsburg
- Re: Security in a shell that start... Miquel Mart?n L?pez
- Re: Security in a shell that starts ss... Steve Greenland
- Re: Security in a shell that start... Daniel Ginsburg