check_by_ssh question

Andreas Ericsson ae at op5.se
Thu Mar 25 11:05:14 CET 2004


Matt Pounsett wrote:
> On Wed, 24 Mar 2004, Andreas Ericsson wrote:
> 
> 
>>If you get hacked someplace, you're network is dead and there's nothing 
>>you can do about it.
> 
> 
> Well.. assuming it was all intelligently configured, this is overstating
> things significantly.  It's quite easy to limit one's passwordless ssh keys to
> ONLY run certain commands, and to prevent the invocation of shells and so
> forth, thus preventing those keys from being used to invade other machines.
> 
Didn't know about the commands bit. How does that work?
As for the shell; disable it and you won't get much checking done since 
SSH forks a shell to take care of the command you want to.


-- 
Mvh / Best regards
Sourcerer / Andreas Ericsson
OP5 AB
+46 (0)733 709032
andreas.ericsson at op5.se


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list