Re: avoid su in ssh sessions
tony_at_aplawrence.com
Date: 05/28/04
- Next message: Rob S: "Re: DOS Disk for BTLD"
- Previous message: tony_at_aplawrence.com: "Re: Windows XP to SCO Unix"
- In reply to: dpuryear_at_usa.net: "Re: avoid su in ssh sessions"
- Next in thread: Bill Vermillion: "Re: avoid su in ssh sessions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 28 May 2004 07:41:18 -0700
dpuryear@usa.net wrote:
> On 27 May 2004 13:47:05 -0700, pablo@crecat.com (pablo hernandez)
> wrote:
>
> >Can I avoid user to use "su" command if they log within an ssh
session ?
> >
> >I did not see any any related thing in sshd_config.
>
> Not really. Consider removing world permissions on su, setting group
> ownership to a group such as wheel or su_users, and then putting only
> allowed users in wheel or su_users. Alternatively, quit using su
> entirely, start using sudo, and control user access using sudo rules.
While I certainly agree that sudo has its advantages (see
http://aplawrence.com/Basics/sud.html ), it is indeed possible to
restrict users rights to use su - it's one of the attributes you can
set for any user. It's also possible to give a user specific root
privileges without giving them the root passwrd at all: See the man
pages for "asroot", "auth" and "authorize"
-- Tony Lawrence http://aplawrence.com/SCOFAQ/
- Next message: Rob S: "Re: DOS Disk for BTLD"
- Previous message: tony_at_aplawrence.com: "Re: Windows XP to SCO Unix"
- In reply to: dpuryear_at_usa.net: "Re: avoid su in ssh sessions"
- Next in thread: Bill Vermillion: "Re: avoid su in ssh sessions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
