Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
June 22, 2006, 12:36 pm
rate this thread
AIX v5.2 and v5.3
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x009060bf
We have a set of usernames on the hosts that we want to NOT have
interactive access. These are accounts that are not unique to an
individual person, we refer to them as group accounts. Our auditors
require that interactive access be restricted to the inidividual
accounts only and that su to the group account is fine since it
provides an audit trail. These group accounts are used to run some
scripts and a trust relationship between a number of unix boxes is
allowed, meaning the group account is allowed to do 'ssh remote-host
Looks like an option for root (PermitRootLogin set to
forced-commands-only) is the functionality we need but for these
Anyone know if there is something in sshd_config to get the same
functionality? Or has anyone faced a similar set of requirements and
how did you address it?
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum