Re: Description for sshproxy
OoO Vers la fin de l'après-midi du mercredi 26 décembre 2007, vers
16:26, MJ Ray <mjr@phonecoop.coop> disait:
>> Package: sshproxy
>> Description: ssh gateway to apply ACLs on ssh connections
> Repeated "ssh" - remove one. Maybe expand "ACLs" either here, or in
> the descriptions. If it's such a key feature, why isn't it in the
> longer description?
> The package name gives me more clue about what it does than the short
> description, so maybe a total rewrite is a good idea: "ssh gateway
> based on permission lists, not keys or passwords"? But I might still
> misunderstand what sshproxy actually does and I've not time to install
> it today.
Hi MJ !
With sshproxy, each user has his own login/password (or login/pubkey) to
connect to sshproxy. Then, he can ask to connect to another server
without knowing the password of it, only if it is allowed to by ACL.
It is aimed at groups sharing root passwords to access servers. When
people leave the group, root passwords should be changed on all
servers. With sshproxy, when a people leave, you just have to remove his
account (or to disable his access through ACL).
More scenarios here: http://sshproxy-project.org/about/
Thanks for your help.
--
BOFH excuse #103:
operators on strike due to broken coffee machine
Reply to: