Re: ssh and lastlog
* Thomas Gebhardt <gebhardt@HRZ.Uni-Marburg.DE> [2003-01-07 16:23 +0100]:
> as far as I can see, one can get at least 2 out of the following 3 items:
^"most"? otherwise trivial :-)
> * sshd Privilege Separation
> * /var/log/lastlog not world readable
> * users get a lastlog message at ssh login
If you
- set UsePrivilegeSeparation=yes in /etc/ssh/sshd_config,
- chmod o-r /var/log/lastlog,
- configure sudo ("%users ALL=NOPASSWD:/usr/bin/lastlog -u *"), and
- add "[ ${-//[^i]/} ] && sudo /usr/bin/lastlog -u $LOGNAME"
to /etc/profile,
the user's bash will display the date and origin of your last login
for interactive sessions.
--
Johannes Franken
Professional unix/network development
mailto:jfranken@jfranken.de
http://www.jfranken.de/
Reply to: