[CentOS] How to create a secure user only for ssh login?
King, John (Greg) (LMIT-HOU)
Greg.King at lmit.comWed Jun 14 19:24:23 UTC 2006
- Previous message: [CentOS] How to create a secure user only for ssh login?
- Next message: [CentOS] How to create a secure user only for ssh login?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> > (must I)/can I reduce as much as possible the privileges/access rights > of the my_aux_login account? so that if somebody breaks _its_ > password, it won't be able to do anything, including browsing around > to see what's installed? Ah. I think I have a clearer idea on what your wanting to do now. You may want to look at SELinux (Comes with CentOS 4 but may either be enabled,set to warn or disabled depending on how it was installed). I have yet had time to understand the SELinux mechanism but I recall a discussion where the person used SELinux to reconfigure what the root account could do, left the console logged in and asked people to break into the system using the root account. If SELinux can be used to change how root behaves it should be able to do the same with non-root accounts. Anyhow here are some links I found that may help. http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guid e/rhlcommon-section-0047.html http://danwalsh.livejournal.com/1538.html http://www.nsa.gov/selinux/ -Greg
- Previous message: [CentOS] How to create a secure user only for ssh login?
- Next message: [CentOS] How to create a secure user only for ssh login?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list