On 14/11/06, Sanjay Arora sanjay.k.arora@gmail.com wrote:
I sometimes need to allow sub-contracted admins root ssh access to my servers. Later, I always wonder what they did during access.
Is there any shell that provides all shell abilities to the remote user but monitors/emails a designated user each command executed in the shell terminal and does not allow the user (even root) to modify the bash history file or similar shell history file, or maybe sending each command by email to a remote server, so that modifying history becomes out of question?
If you only allow them to...
$ sudo su - #
... doesn't sudo then keep track of their actions? There are other alternatives, sudosh for one.
I'm pretty certain there are others too, from memory of the last time I looked into shell auditing.