[CentOS] OT: Q: Howto implement a monitored Shell for remote logins
Will McDonald
wmcdonald at gmail.com
Tue Nov 14 20:18:00 UTC 2006
On 14/11/06, Sanjay Arora <sanjay.k.arora at gmail.com> wrote:
> I sometimes need to allow sub-contracted admins root ssh access to my
> servers. Later, I always wonder what they did during access.
>
> Is there any shell that provides all shell abilities to the remote user
> but monitors/emails a designated user each command executed in the shell
> terminal and does not allow the user (even root) to modify the bash history file or
> similar shell history file, or maybe sending each command by email to a
> remote server, so that modifying history becomes out of question?
If you only allow them to...
$ sudo su -
#
... doesn't sudo then keep track of their actions? There are other
alternatives, sudosh for one.
http://sourceforge.net/projects/sudosh/
I'm pretty certain there are others too, from memory of the last time
I looked into shell auditing.
Will.
More information about the CentOS
mailing list