[Gllug] Selective SSH logins

Jose Luis Martinez jjllmmss at googlemail.com
Tue Aug 26 19:05:49 UTC 2008


2008/8/26 John Edwards <john at cornerstonelinux.co.uk>:
> On Tue, Aug 26, 2008 at 06:35:52PM +0100, Jose Luis Martinez wrote:
>> 2008/8/26 Daniel P. Berrange <dan at berrange.com>:
>>  <snip>
>>
>>> And if you have NFS home directories, and aren't requiring Kerberized NFS
>>> clients, then SSH keys are worse than useless thanks to NFS' complete lack
>>> of a security model (ie it trusts clients to be truthful wrt to UIDs). And
>>> if you are requiring Kerberized NFS, then you can just use GSSAPI logins
>>> anyway, so don't need SSH keys.  SSH keys + NFS home dirs == recipe for
>>> disaster.  Of course non-Kerberized NFS + password login is no better
>>
>> In a previous job of mine NFS + ssh keys was a grave offence that
>> could lead to dismissal, a justified policy if you ask me.
>
> Even when protected by a passphrase?

It wasn't allowed at all; the risk of having this on an NFS server was
considered too high to trust that people would use it properly.
Eventually the solution was to use ssh with a token-based
authentication system.

>
> There's a lot worse that can happen when you share your home
> directory over NFS, such as adding things to .bashrc, for
> example a key logging shell which will capture your passwords.


This is mitigated with the token-based authentication.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
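
An added example, not part of the original thread: a small audit for the condition discussed above, listing accounts whose home directory (and so `.ssh/authorized_keys` and `.bashrc`) sits on an NFS mount without a `sec=krb5*` option. The sample mount and passwd lines are constructed, and the default `AuthorizedKeysFile` location is assumed.

```python
"""Flag accounts whose home directory is on NFS mounted without Kerberos."""
NFS_TYPES = {"nfs", "nfs4"}

# Constructed sample input in /proc/mounts and /etc/passwd format.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
filer:/export/home /home nfs rw,vers=3,sec=sys,addr=192.0.2.10 0 0
filer:/export/secure /secure nfs4 rw,vers=4.1,sec=krb5p,addr=192.0.2.10 0 0
"""
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/secure/bob:/bin/bash
"""

def parse_mounts(text):
    """Return [(mountpoint, fstype, options)] from /proc/mounts-style text."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            mounts.append((fields[1], fields[2], set(fields[3].split(","))))
    return mounts

def mount_for(path, mounts):
    """Longest-prefix match: the mount entry that contains `path`, or None."""
    best = None
    for mount in mounts:
        prefix = mount[0].rstrip("/") + "/"
        if (path == mount[0] or path.startswith(prefix)) and (
                best is None or len(mount[0]) > len(best[0])):
            best = mount
    return best

def risky_homes(passwd_text, mounts_text):
    """Return [(user, authorized_keys_path, mountpoint)] for non-Kerberized NFS homes."""
    mounts = parse_mounts(mounts_text)
    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) < 7:
            continue
        user, home = fields[0], fields[5]
        m = mount_for(home, mounts)
        # Client-side view only: the server's export options decide what is enforced.
        if m and m[1] in NFS_TYPES and not any(o.startswith("sec=krb5") for o in m[2]):
            findings.append((user, home + "/.ssh/authorized_keys", m[0]))
    return findings

if __name__ == "__main__":
    for user, keys, mountpoint in risky_homes(SAMPLE_PASSWD, SAMPLE_MOUNTS):
        print(f"{user}: {keys} is on non-Kerberized NFS mount {mountpoint}")
```

On a live host, pass the contents of `/proc/mounts` and `/etc/passwd` instead of the sample strings.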



