check_by_ssh question
Matt Pounsett
matt.pounsett at cira.ca
Thu Mar 25 17:27:11 CET 2004
On Thu, 25 Mar 2004, Andreas Ericsson wrote:
> > things significantly. It's quite easy to limit one's passwordless ssh keys to
> > ONLY run certain commands, and to prevent the invocation of shells and so
> > forth, thus preventing those keys from being used to invade other machines.
> >
> Didn't know about the commands bit. How does that work?
The details are all in the sshd(8) man page.. on my system under the
"AUTHORIZED_KEYS FILE FORMAT" heading.
> As for the shell; disable it and you won't get much checking done since
> SSH forks a shell to take care of the command you want to.
True. But you can prevent the key from being used to get an interactive
shell, which was my point.
--
Matt Pounsett CIRA - Canadian Internet Registration Authority
Technical Support Programmer 350 Sparks Street, Suite 1110
matt.pounsett at cira.ca Ottawa, Ontario, Canada
613.237.5335 ext. 231 http://www.cira.ca
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list