l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 18: A professional photographer's view of Linux
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2004 Jan 13 09:45

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Providing access to SSH on Kiosk?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Providing access to SSH on Kiosk?



Bill Kendrick said:
> On Mon, Jan 12, 2004 at 10:56:15PM -0800, ME wrote:
>> What about LILO/grub? can the user pass args to the kernel to be booted?
>> You know, the old "init=/bin/bash" arg/trick for local root on boot
>> without restrictions...
[chop]
> Yes, I have LILO restricted to ONLY let "Linux" image boot, with no
> arguments, unless a password is supplied.
[chop]
> Unless I misunderstood you, in which case I now look like a buffoon. :^)

It sounds like you have that covered.

> <snip>
>> These require one of two things:
>> 1 access to build their own ssh clients with modified source code and
>> force the user to call their ssh client instead of the one you
>> installed.
>> (Usually this means root access.)
>
> Okay, this is covered (in a perfect world) by Unix permissions and the
> fact that users shouldn't be able to get to a shell to even INVOKE a
> compiler, let alone install the binary. :^)
>
>
> <snip>
>> A presentation on the useful features of ssh would also be good.
>> (Tunneling, proxy, redirection, etc.)
>
> Okay Mike, I'll jot you down for two presentations later this year.
> Pick the dates. ;^)

You misunderstood. I was not volunteering for that. :-P
(At least not this summer. Maybe next year though.)

If you are interrested in computer security, maybe you can visit a defcon.
You can save money if you go with others.I think I have 3 or 4 people with
me (splitting the cost for transport and hotel.) Bill, let me know if you
would like to join me. (We can talk off list.)

>> We'll have to see what happens.I'll have a better idea in April. If the
>> UC
>> Davis CS dept  wants to have me in their grad program on cs security,
>> maybe I'll move to Davis in 2005 and attend LUGOD a little more often
>> than
>> I do now. :-D
>
> Cool! :^)  In the meantime, we should get Peter going to NBLUG meetings,
> or something!  He needs it! ;)

That would be good for Peter, but I am phasing NBLUG out as a trade for
LUGOD and ACM/CS Club on campus: This year, I will be attending the CS
Computer Club and running for office with our campus ACM Chapter and CS
Club. Part of increasing my activity with LUGOD and the campus CS Club
means changing focus away from NBLUG and devoting that energy here and on
campus.

I'm on our irc #lugod and more active there and have been reading these
lists on LUGOD more thanb before.

>> OK. Consider another drive to image the system and rebuild every
>> morning.
>> A local disk with rsync would be pretty fast.
>
> Hrm... neato.  This is all fascinating, but at the same time scary.
>
> Kinda like back in the day when I didn't write very 'robust' CGI scripts.
> Fortunately, I wasn't quite as 'prolific' as that Matt's Scripts guy
> that's
> still causing people pain...  I'm glad I've got such a good network of
> folks
> to talk to about this stuff today. :^)  You and Ken have been priceless!

I wish I could be there to be more help. Maybe after the GRE this summer,
I'll have a better idea where I'll be in 2005.

> Just trying to serve my community.  (But at the same time
> be
> careful of hackers abusing them :) )

That is a full time job and requires vigalance.

-ME

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.