Hi,
I'm co-managing a server with a friend of mine offering ourself some
basic service (like emails, file sharing, etc). At this time each of
us can freely login on the server via ssh (we trust each others) for
the daily administrative tasks.
I would like to improve the current set up by adding a layer of
certification and proofing of the ssh session, because if you know
that you are recorded you'll be enforce to behave better. For this
scope I've found many different possible solution, but quite complex
to be implemented (like ssh proxy that records the session [1]), or
too basic (like using /usr/bin/script). So far none of those that
I've found satisfy me.
About that I remember that some time ago (maybe one or two years ago)
I read a post on planet debian about such a method for session audit.
It was suggesting as an easy to run solution for external consultant:
the recording and encrypting of the remote session was performed
without requiring any proxy, letting to store the session data on a
dumb external host. From what I could remember I think that the idea
was something like recording the session with script like utilities
(launched at session login), then periodically encrypting it with gpg
and publishing on a local folder or on a remote resource. This way
the owner of the system could reliably access the session log, and
the remote person could always prove what he did at during the ssh
session.