[CentOS] ultrasecure sshd server
Devin Reade
gdr at gno.org
Fri Jun 10 16:27:54 UTC 2011
Another option that you might want to look at is putting up an OpenBSD gateway running authpf (see <http://www.openbsd.org/faq/pf/authpf.html>).

The model there is an outside user has to open up an ssh shell to the authpf gateway before they are allowed to access services inside the network. If their gateway shell goes away, so does their access. If you require password / secure token / whatever auth on the gateway, then you do that once and then you can use ssh-key auth to get to your inside machines as much as you'd like.

Authpf can be used to allow/restrict access to arbitrary network services; it's not limited to just ssh.

The shell the user gets on the authpf gateway is not usable for anything else; it just sits there until the user logs out, so it can't be used to crack the gateway or internal machines.

Devin
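
A sketch of the gateway setup described above, added here as an illustration and not part of the original message. The interface names (em0, em1) and the internal network 192.0.2.0/24 are assumptions; the file paths, the `authpf/*` anchor, the `<authpf_users>` table and the `$user_ip` macro are authpf's standard ones.

```conf
# ---- /etc/pf.conf on the authpf gateway (constructed example) ----
ext_if  = "em0"             # assumption: outside-facing interface
int_if  = "em1"             # assumption: inside-facing interface
int_net = "192.0.2.0/24"    # assumption: internal network

# authpf adds the client's address here on login and removes it on logout
table <authpf_users> persist

set skip on lo
block all                   # default deny: nothing is forwarded without a login

# Anyone may reach the gateway's own sshd in order to authenticate
pass in on $ext_if proto tcp to ($ext_if) port ssh

# Per-session rules are loaded under this anchor while the ssh session lives
anchor "authpf/*"

# Forwarded traffic may leave toward the inside only for authenticated sources
pass out on $int_if from <authpf_users> to $int_net

# ---- /etc/authpf/authpf.rules (loaded for each authenticated user) ----
# $user_ip is filled in by authpf with the address the ssh session came from
ext_if  = "em0"
int_net = "192.0.2.0/24"
pass in quick on $ext_if proto tcp from $user_ip to $int_net port ssh

# ---- /etc/authpf/authpf.conf ----
# Must exist for authpf to run; an empty file accepts the defaults.

# ---- /etc/ssh/sshd_config on the gateway ----
# Detect dead client connections quickly so the pf rules are withdrawn
# soon after the gateway shell goes away.
ClientAliveInterval 15
ClientAliveCountMax 3

# ---- gateway accounts ----
# Each gateway user's login shell is set to /usr/sbin/authpf, so the session
# only holds the rules open and offers no interactive shell.
```

To open other internal services, add further `pass in quick ... from $user_ip` lines to authpf.rules; the default `block all` keeps everything else closed.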