Re: Secure remote shell
- From: Girish Venkatachalam <girishvenkatachalam@xxxxxxxxx>
- Date: Thu, 29 Nov 2007 10:48:14 +0530
On 11:28:24 Nov 29, Olivier Nicole wrote:
Hi,
Part of (un)registerings users on my system consists in connecting to
various servers to add the user account to some services:
Registering users is done wia a web page, and the web server will
remote execute a script on the mail server to add the users in the
aliases and run newaliases, remote execute a script to the radius
server to add the user in the radius tables and restart radius, etc.
Of course all the remote execution should be done as root :(
No. Use sudo(8)
And tighten it up. Giving remote users root access should never ever be
done.
Typically each user should run a suid script or something.
So far, one specific user from the web server can rsh -l root to the
rsh? Are you living in a cave? :)
ssh(8) was released several years ago.
rsh is horribly insecure and broken whereas ssh(8) has an excellent
security track record.
-Girish
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- References:
- Secure remote shell
- From: Olivier Nicole
- Secure remote shell
- Prev by Date: Re: Secure remote shell
- Next by Date: Re: Secure remote shell
- Previous by thread: Re: Secure remote shell
- Next by thread: Re: Secure remote shell
- Index(es):
Relevant Pages
|
|
