Re: Controlling server access

To: debian debian-isp <debian-isp@lists.debian.org>
Subject: Re: Controlling server access
From: Craig Sanders <cas@taz.net.au>
Date: Wed, 13 Sep 2006 10:14:28 +1000
Message-id: <[🔎] 20060913001428.GG7118@taz.net.au>
In-reply-to: <[🔎] 4506C70D.50300@imaginator.com>
References: <[🔎] 4506C10F.3080305@imaginator.com> <[🔎] 4506C3BA.5030007@thecsl.org> <[🔎] 4506C70D.50300@imaginator.com>

On Tue, Sep 12, 2006 at 04:41:17PM +0200, Simon Tennant wrote:
> Dan MacNeil wrote:
> > 
> > man sshd_config says:
> > 
> >      AllowGroups
> >      [...]
> 
> I am aware of that but that would imply having POSIX groups which list
> who can log into which boxes.  A user could do a "getent group
> groupname" to see who can access boxes which worries me somewhat.

OTOH, only those who can login can do this - and if you can't trust them
not to abuse the priviledge then they shouldn't be able to login.

craig

-- 
craig sanders <cas@taz.net.au>           (part time cyborg)

Reply to:

References:
- Controlling server access
  - From: Simon Tennant <simon@imaginator.com>
- Re: Controlling server access
  - From: Dan MacNeil <dan@thecsl.org>
- Re: Controlling server access
  - From: Simon Tennant <simon@imaginator.com>

Prev by Date: Re: Spamassassin & Investor Spam
Next by Date: Re: Spamassassin & Investor Spam
Previous by thread: Re: Controlling server access
Next by thread: System resource monitor tool
Index(es):
- Date
- Thread