|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: setuid ssh
From: Andrew Brown (atatat
atatdot.net)Date: Thu Oct 19 2000 - 10:15:16 CDT
- Next message: Dan Riley: "Re: setuid ssh"
- Previous message: Andrew Brown: "Re: setuid ssh"
- Next in thread: Greg A. Woods: "Re: setuid ssh"
- Next in thread: Dan Riley: "Re: setuid ssh"
- Maybe reply: Andrew Brown: "Re: setuid ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>> as long as you don't copy that key anywhere. sure, that key can
>> *only* be used to log into the backup server, but from *anywhere*.
>
>If you don't like that property, than don't allow that key to be
>used from anywhere. You just need to put `from="foo.bar.com"' in
>front of the key in authorized_hosts. I have scripts that allow a
>fairly secure backup to be done to a remote host that trusts the
>one sending the backup only to write a new file (not overwrite
>current files) in a certain directory; e-mail me if you want details
>on this. As far as I can tell, the worst attack that it's open to
>is a DOS attack that fills up that partition.
now that people have mentioned this, i went to look it up, and i see
it. hmm...i *suppose* i could subborn this to my purposes...
is that a openssh thing as well?
-- |-----< "CODE WARRIOR" >-----| codewarrior
- Next message: Dan Riley: "Re: setuid ssh"
- Previous message: Andrew Brown: "Re: setuid ssh"
- Next in thread: Greg A. Woods: "Re: setuid ssh"
- Next in thread: Dan Riley: "Re: setuid ssh"
- Maybe reply: Andrew Brown: "Re: setuid ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]