LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Security of ~/.ssh ?? for client end ? (http://www.linuxquestions.org/questions/linux-security-4/security-of-%7E-ssh-for-client-end-288295/)

michael_util 02-09-2005 06:44 PM

Security of ~/.ssh ?? for client end ?
 
Hello,

I have setup ssh using RSA keys and provided users with a menu based system to log into remote servers as specific users.

So they SSH into a secure box running LIDS and using pdmenu get a menu system and can ssh into different servers on the network. The menu is started by running sudo -u username menuscript.

That box seems very secure, all the apps are sandboxed using LIDS and no one has command line access.

Do I have to concern my self with the ~/.ssh directories of the servers users will be connect to from this box ? Right now there is a authorized_keys file in which is chmod 600 and the .ssh is chmod 700. But the user they log in as can still read that file.

Can I make it so only root can read that file but logins still work ?

Thanks.

Michael.

Matir 02-09-2005 09:40 PM

Well, you COULD make the "ssh" executable setuid root, but I'm not sure if that's too secure either. It's the only thing I can think of.


All times are GMT -5. The time now is 02:43 PM.