Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-09-2005, 05:44 PM   #1
Registered: Feb 2004
Posts: 47

Rep: Reputation: 15
Security of ~/.ssh ?? for client end ?


I have setup ssh using RSA keys and provided users with a menu based system to log into remote servers as specific users.

So they SSH into a secure box running LIDS and using pdmenu get a menu system and can ssh into different servers on the network. The menu is started by running sudo -u username menuscript.

That box seems very secure, all the apps are sandboxed using LIDS and no one has command line access.

Do I have to concern my self with the ~/.ssh directories of the servers users will be connect to from this box ? Right now there is a authorized_keys file in which is chmod 600 and the .ssh is chmod 700. But the user they log in as can still read that file.

Can I make it so only root can read that file but logins still work ?


Old 02-09-2005, 08:40 PM   #2
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 122Reputation: 122
Well, you COULD make the "ssh" executable setuid root, but I'm not sure if that's too secure either. It's the only thing I can think of.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't change NIs passwd at client end wanch Linux - Networking 3 04-30-2010 04:57 AM
Mac OS X ssh client / linux sshd : ssh hangs/disconnects Apollo77 Linux - Networking 1 05-24-2006 11:53 AM
When I ssh to a server, the end key doesn't work (tcsh) TroelsSmit Linux - Newbie 0 10-07-2004 05:44 AM
security presntetion for end users juanb Linux - Security 1 07-22-2004 06:28 PM
end ssh session without stopping programs joshf Linux - Newbie 7 07-13-2003 08:39 AM

All times are GMT -5. The time now is 07:48 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration