Results 1 to 4 of 4

Thread: Some simple security advice

  1. #1
    Join Date
    Jan 2008
    Beans
    75

    Some simple security advice

    Hi,

    I want to lock down what a user can do when they ssh into my box. Pretty much so they can not do or see anything, but su to another user.

    I'm allowing myself remote access to the box. I have 1 ssh user I use (sshd_config AllowUsers) and I log on using this user then su to my actual users I manage the box with.

    I read about git shell creating a more secure shell where only git commands could be exec'd, is there something like that where I can lock down to just su?

    Thanks,
    Jon.

  2. #2
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Some simple security advice

    Quote Originally Posted by jon.mithe View Post
    Hi,

    I want to lock down what a user can do when they ssh into my box. Pretty much so they can not do or see anything, but su to another user.

    I'm allowing myself remote access to the box. I have 1 ssh user I use (sshd_config AllowUsers) and I log on using this user then su to my actual users I manage the box with.

    I read about git shell creating a more secure shell where only git commands could be exec'd, is there something like that where I can lock down to just su?

    Thanks,
    Jon.
    Use apparmor or grsecurity.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  3. #3
    Join Date
    Jan 2008
    Beans
    75

    Re: Some simple security advice

    Ooo apparmor looks the ticket, thanks for your help

  4. #4
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Some simple security advice

    Quote Originally Posted by jon.mithe View Post
    Ooo apparmor looks the ticket, thanks for your help
    In that case, see if this post can get you started :

    http://ubuntuforums.org/showpost.php...56&postcount=5
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •