Re: SSH forwarding with an "untrusted" user
On Wed, 14 Aug 2002, Greg Norris wrote:
> I looked into something similar to what you're describing for a project
> at work. We set up a user account so that it could only connect via SSH
> (OpenSSH 3.x in this case) using public-key authentication, and then
> defined some restrictions in ~/.ssh/authorized_keys. The net result
> was that the account could be used to establish tunnels to predefined
> hosts, but little else.
>
> I don't have my notes handy at the moment, but I could dig them up
> tomorrow and send you the particulars.

I talked to my brother (who used to work here, but quit because of the
"untrusted" user), and he suggested putting a shell of /bin/cat.

Oddly enough, this works. Whatever the user types into the shell, it's
going to just echo it back at them. When they close the cat (ctrl-d,
ctrl-c), the ssh window closes, and the tunnels drop.

Any security issues with that? I'm trying to picture how to exploit cat.
:D

Mike
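
An added example, not part of the thread and not Greg's actual configuration: a small Python check for the kind of ~/.ssh/authorized_keys restrictions he describes, using the standard OpenSSH options command=, no-pty, no-X11-forwarding, no-agent-forwarding and permitopen=. The sample lines, the host db.internal.example:5432 and the policy in audit_tunnel_key are assumptions. A login shell of /bin/cat does not by itself limit where forwards may go, which is what permitopen= is for.

```python
import re

# One option: a name, optionally followed by ="value"; a backslash escapes a quote.
OPTION = re.compile(r'([A-Za-z0-9-]+)(?:="((?:\\.|[^"\\])*)")?(?=[,\s])')
KEY_TYPES = ("ssh-rsa", "ssh-dss")  # assumption: key types of the OpenSSH 3.x era

def parse_options(line):
    """Return the options field of one authorized_keys line as (name, value) pairs."""
    line = line.strip()
    if not line or line.startswith("#") or line.split()[0] in KEY_TYPES:
        return []                      # blank, comment, or key with no options
    opts, pos = [], 0
    while True:
        m = OPTION.match(line, pos)
        if not m:
            raise ValueError("malformed options field at offset %d" % pos)
        opts.append((m.group(1).lower(), m.group(2)))  # option names are case-insensitive
        pos = m.end()
        if line[pos] != ",":           # unquoted whitespace ends the options field
            return opts
        pos += 1                       # step over the comma

def audit_tunnel_key(line):
    """List what is missing for a key that should only carry predefined tunnels."""
    names = [name for name, _ in parse_options(line)]
    findings = ["missing " + flag
                for flag in ("no-pty", "no-x11-forwarding", "no-agent-forwarding")
                if flag not in names]
    if "command" not in names:
        findings.append("no forced command: the key can run whatever the login shell allows")
    if "no-port-forwarding" in names:
        findings.append("no-port-forwarding set: tunnels will not work")
    elif "permitopen" not in names:
        findings.append("no permitopen: forwarding destinations are not limited")
    return findings

# Constructed sample lines; key material, comment and host are placeholders.
WEAK = "ssh-rsa AAAA_CONSTRUCTED_KEY tunnel@example"
STRICT = ('command="/bin/cat",no-pty,no-X11-forwarding,no-agent-forwarding,'
          'permitopen="db.internal.example:5432" ssh-rsa AAAA_CONSTRUCTED_KEY tunnel@example')

if __name__ == "__main__":
    for label, entry in (("weak", WEAK), ("strict", STRICT)):
        print(label, audit_tunnel_key(entry) or "ok")
```
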