LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-28-2009, 09:20 PM   #1
lappy
LQ Newbie
 
Registered: Mar 2009
Posts: 4

Rep: Reputation: 0
SSH login registration


Hey guys I'm wondering if there is anything out there already written that will let me direct someone to login to ssh newuser@foobar.net and use the passwd "signup" and then make ssh pull some kind of script or program that will let a user register via a ssh login and let for example a admin actually review it before giving access to the user.

Any suggestions or ideas would be awsome.
 
Old 03-28-2009, 09:26 PM   #2
MS3FGX
LQ Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 361Reputation: 361Reputation: 361Reputation: 361
I don't know if software like that exists, but it would be simple enough to write up a script to do it.

Though if you are going to be manually reviewing and adding these accounts, couldn't the new user simply email the information to you? Or fill out some web form?
 
Old 03-28-2009, 09:36 PM   #3
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
You can have the users account initially disabled. You can allow use "AllowUsers" in /etc/ssh/sshd to only allow access to a "white" list of users. Any user or group not in AllowUsers will be denied access.

You will need to also configure it so that the user needs to change their password after they first login, and to enforce a strong password policy in PAM. Shell accounts can be very dangerous. A weak password would be easily broken by a script kiddie running a brute force attack.

If you allow users shell accounts, also look at enforcing connection limits and quotas.
 
Old 03-28-2009, 10:01 PM   #4
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,755
Blog Entries: 4

Rep: Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966Reputation: 3966
Any user account can use any program as its "shell." Your special registration-program could be defined as the shell of this account named newuser whose password is signup.

When the shell program ends, then (by definition...) the user session is over.

This technique is what is sometimes called a "kiosk account."
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH Problem - Can't login using Hostname, can login using ip address jqweezy Linux - Networking 7 01-26-2009 02:21 PM
ssh login ust Linux - Security 1 09-11-2008 05:55 AM
login/registration facility for website in perl/cgi mobs99 Linux - Newbie 28 11-21-2007 05:58 PM
ssh login only with ip CloudBuilder Linux - Networking 3 07-31-2005 11:20 AM
ftp login -- ssh no login waffe Linux - General 4 12-27-2003 12:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:02 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration