Re: ssh and lastlog

To: debian-security@lists.debian.org
Subject: Re: ssh and lastlog
From: Johannes Franken <jfranken@jfranken.de>
Date: Thu, 9 Jan 2003 21:03:57 +0100
Message-id: <[🔎] 20030109200354.GA19407@jfranken.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 200301071523.h07FNPt3012048@pcrz175.hrz.uni-marburg.de>
References: <[🔎] 200301071523.h07FNPt3012048@pcrz175.hrz.uni-marburg.de>

* Thomas Gebhardt <gebhardt@HRZ.Uni-Marburg.DE> [2003-01-07 16:23 +0100]:
> as far as I can see, one can get at least 2 out of the following 3 items:
                                      ^"most"? otherwise trivial :-)
> * sshd Privilege Separation
> * /var/log/lastlog not world readable
> * users get a lastlog message at ssh login

If you 
- set UsePrivilegeSeparation=yes in /etc/ssh/sshd_config,
- chmod o-r /var/log/lastlog,
- configure sudo ("%users ALL=NOPASSWD:/usr/bin/lastlog -u *"), and
- add "[ ${-//[^i]/} ] && sudo /usr/bin/lastlog -u $LOGNAME" 
  to /etc/profile,
the user's bash will display the date and origin of your last login
for interactive sessions.

-- 
Johannes Franken
 
Professional unix/network development
mailto:jfranken@jfranken.de
http://www.jfranken.de/

Reply to:

References:
- ssh and lastlog
  - From: "Thomas Gebhardt" <gebhardt@HRZ.Uni-Marburg.DE>

Prev by Date: Re: scrollkeeper loading external (online) DTD
Next by Date: Re: Gnutella? (was Re: TCP port 6352?)
Previous by thread: ssh and lastlog
Next by thread: Re: ssh and lastlog
Index(es):
- Date
- Thread