Re: Single-use root account?

To: debuser <debian-user@lists.debian.org>
Subject: Re: Single-use root account?
From: "Karsten M. Self" <kmself@ix.netcom.com>
Date: Sat, 8 Nov 2003 15:30:46 +0000
Message-id: <[🔎] 20031108153046.GD2540@guildenstern.dyndns.org>
Mail-followup-to: debuser <debian-user@lists.debian.org>
In-reply-to: <[🔎] 1068246908.27472.3.camel@Thief>
References: <[🔎] 1068195528.23558.7.camel@Thief> <[🔎] 20031107225455.GA16011@shorty.ca> <[🔎] 1068246908.27472.3.camel@Thief>

on Fri, Nov 07, 2003 at 05:15:09PM -0600, Alex Malinovich (demonbane@the-love-shack.net) wrote:
> On Fri, 2003-11-07 at 16:54, ScruLoose wrote:
> > On Fri, Nov 07, 2003 at 02:58:48AM -0600, Alex Malinovich wrote:
> > > 
> > > If not, any other possibilities?
> > 
> > Olkay, I see there's been plenty of discussion of the ins and outs of
> > the self-locking one-shot root privilege thing. Neat idea, too; it's not
> > something I ever thought of.
> > 
> > OTOH I wonder about attacking the problem from a completely different
> > angle:
> > If you have access to a computer lab at school, you could maybe run an
> > ssh daemon on your home machine (plus one of the free dyndns.org
> > accounts if you've got dynamic IP to worry about).  Then you could just
> > ssh in to the machine and do the maintenance yourself.
> 
> That's actually one of the reasons that I've waited so long to try and
> tackle this problem. I've been happily SSH-ing into my server for quite
> a while, especially when I have my laptop with me. (Running Debian of
> course.)
> 
> Unfortunately, there are times during class (with no computers in the
> room) that I need something done, and the only way to do it is over the
> phone. There's also the issue of what happens if the network connection
> goes down while I'm away. If I'm at home it's easy enough to fix, but
> away from home it's impossible.
> 
> While I had thought of experimenting with voice activated commands over
> the phone, it seems like too much work for the task at hand. (Though it
> would certainly be quite an interesting project... :)

ObNoIDon'tWorkForSharp:

    http://www.myzaurus.com/

The Zaurus:

  - Runs GNU/Linux.
  - Has SSH.
  - Has wireless networking.  Glom off your school's WiFi.
  - And a modem.  Dial as needed.
  - Keeps your roommate safely out of the loop.

I don't own one, but know several people who are inordinately pleased
with theirs.

In a vendor-neutral tradition, the iPaq may also offer options.  More
general information at:

    http://www.handhelds.org/


Alternatively:  one-time-passwords.  If you generate these, and tell
them to your roommate, the password itself is only good for a limited
time (a matter of minutes, usually).  After which it's worthless.

There are key generators which will run on your PDA (Palm, Zaurus, iPaq,
foo).



Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    "Charming man," he said. "I wish I had a daughter so I could forbid
    her to marry one ..."
    -- HHGTG

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Single-use root account?
  - From: Alex Malinovich <demonbane@the-love-shack.net>
- Re: Single-use root account?
  - From: ScruLoose <scruloose+debuser@eastlink.ca>
- Re: Single-use root account?
  - From: Alex Malinovich <demonbane@the-love-shack.net>

Prev by Date: Re: ssh-agent
Next by Date: Re: Yahoo says I'm a Spam-o-Rama (via DynDNS)
Previous by thread: Re: Single-use root account?
Next by thread: Re: Single-use root account?
Index(es):
- Date
- Thread