[scponly] scponly .ssh directory?
Ralf Durkee
rd at rd1.net
Wed Jan 7 13:02:08 EST 2004
If the ssh server config (sshd_config) has the directive
PermitUserEnvironment set to "no" (which is the default on the recent
OpenSSH releases) then it should not read a ~/.ssh/environment file even if
it exists. you should still try this and verify it on your system.
Of course there are other files which can be placed in the .ssh such as the
authorized keys file, which would only allow a user to setup a public key
for access rather than using a password. This may not be an issue for most
your usage, but if it is it can be controlled with the directives
AuthorizedKeysFile for protocol 2. Protocol 1 should be disabled via the
"Protocol 2" directive.
Finally the ~/.shosts and ~/.rhosts are also ignored by default, but should
also not be allowed via "IgnoreRhosts yes".
In short, yes, you can be relatively safe with a writeable home or a
writeable .ssh directory. but assuming that you are talking about users
without shell access, then why not eliminate even the minor risk by not
allowing them to own their home directories or restricting the write access
to an incoming directory? I'm curious if there is some situations where
this model doesn't fit.
-- Ralf Durkee, GSEC, GCIH
Information Security Consultant
585-624-9551
http://rd1.net
>Date: Wed, 07 Jan 2004 09:58:13 +0100
>From: Joris <joris at linux.be>
>To: scponly at lists.ccs.neu.edu
>Subject: [scponly] scponly .ssh directory?
>
>Hi,
>
>Is it still necessary to restrict user-access to the .ssh directory in
>the filesystem?
>This is the only showtopper for me to integrate scponly in my system.
>
>Rssh (rssh.sf.net) seems not to require .ssh restrictions? But it lacks
>application/client support... (it's the unison support in scponly I'm
>looking forward to ;))
>
>--
> Greetings
> Joris
> joris at linux.be
>------------------------------
More information about the scponly
mailing list