Re: OpenSSH-Client without reverse tunnel ability

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Am 05.04.2018 um 14:11 schrieb Alexander Wuerstlein:
> On 2018-04-05T14:07, Nico Kadel-Garcia <nkadel@xxxxxxxxx> wrote: >> How difficult would it be to leave a scheduled security check to >>
look for "ssh[ \t].*-R.*" expressions with "pgrep", and file a >>
security abuse report if such processes are seen? It could be >> worked
around, but should catch the most blatant abusers.so they >> can be
notified of inappropriate behavior. > > Additionally, one could grep
home directories for relevant > configuration statements in
~/.ssh/config. However that would be > necessarily incomplete, because
the other relevant config is > ~/.ssh/authorized_keys on the remote end.
Yeah, we thought of these options, too and I assume we will eventually
go with them, but as was pointed out, these approaches are simple, et
incomplete. That's why we asked in the first place.

However, since there does not seem to be any reasonable alternative
short than doing way more elaborated software development ourselves,
these will have to do.
Therefore, I consider this matter closed.

Thanks again to everybody who helped.

Best regards,
Jan

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux