[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Description for sshproxy

OoO  Vers la  fin de  l'après-midi du  mercredi 26  décembre  2007, vers
16:26, MJ Ray <mjr@phonecoop.coop> disait:

>> Package: sshproxy
>> Description: ssh gateway to apply ACLs on ssh connections

> Repeated "ssh" - remove one.  Maybe expand "ACLs" either here, or in
> the descriptions.  If it's such a key feature, why isn't it in the
> longer description?

> The package name gives me more clue about what it does than the short
> description, so maybe a total rewrite is a good idea: "ssh gateway
> based on permission lists, not keys or passwords"?  But I might still
> misunderstand what sshproxy actually does and I've not time to install
> it today.

Hi MJ !

With sshproxy, each user has his own login/password (or login/pubkey) to
connect  to sshproxy.  Then, he  can ask  to connect  to  another server
without knowing the password of it, only if it is allowed to by ACL.

It is  aimed at  groups sharing root  passwords to access  servers. When
people  leave  the  group,  root  passwords should  be  changed  on  all
servers. With sshproxy, when a people leave, you just have to remove his
account (or to disable his access through ACL).

More scenarios here: http://sshproxy-project.org/about/

Thanks for your help.
-- 
BOFH excuse #103:
operators on strike due to broken coffee machine
Reply to: