Hi, On Mon, Mar 20, 2006 at 11:16:49PM +0100, Marcus Brinkmann wrote: > Hi, [...] > The shell command requires capabilities (file system, etc) that are > not available to the ssh server, and should not be. This raises the > issue if the ssh server should be split up into two parts, a system > part and a user part, or if there should be a system ssh server at > all. There are a couple of potential models: > > 1) Every user gets their own (virtual) domain and runs their own ssh > server. IPv6 is right around the corner, isn't it? :) > Then you just use "ssh username.hostname.org" and that's it. > > 2) Every user runs their own ssh server, but on a different port (ouch!).
I think these do not match with MAC-alike system policies. If an administrator/owner wants to restrict the options a specific user has to enter the system via SSH, there must remain a small "system" ssh server part. An example could be the limitiaton to SSH2. > Approach 3 seems to be a compromise. It sounds tricky to get right, > but it provides a hint to a solution in the case where approach 1 > would not work, for example because you need to do the host > authentication with the _host_, and not with the user account, or > where the operating system needs to provide some other capabilities > beyond the network connection. It also fits "better" with the > traditional Unix model of internetworking. I hope my remarks are complementary the details above. ;) Ciao -- Christian Helmuth TU Dresden, Dept. of CS Operating Systems Group http://os.inf.tu-dresden.de/~ch12 _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
