On 28/06/2024 01:26, Jochen Bern wrote:
> If pinpointing and templating the relevant accounts in the above way works out, there's no need to implement a kill switch for a security mechanism in sshd, to fiddle with PAM, or even to run a second, non-public sshd on a different port; the clients and servers would simply *happen* to have passwordless logins in(to) the "safe area" configured and ready to go as they're created off their respective templates.

Maybe even simpler: HostbasedAuthentication could do the trick for unprivileged user accounts within such a controlled environment.
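
A minimal sketch of the host-based setup suggested above, added here as an illustration and not taken from the thread or from the OpenSSH project. The host name `client1.safe.example`, the range 192.0.2.0/24 and the key placeholder are constructed, and the location of `shosts.equiv` depends on how OpenSSH was built.

```conf
# ---- server: /etc/ssh/sshd_config ----
# Keep host-based authentication off globally.
HostbasedAuthentication no
# Ignore per-user ~/.rhosts and ~/.shosts, so users cannot extend trust.
IgnoreRhosts yes
# Accept client host keys only from the system-wide ssh_known_hosts.
IgnoreUserKnownHosts yes

# Enable it only for connections from the controlled network (constructed
# range) and never for root.
Match Address 192.0.2.0/24 User *,!root
    HostbasedAuthentication yes

# ---- server: /etc/ssh/shosts.equiv (path depends on the build) ----
# One trusted client host per line. sshd resolves the connecting address
# to a name and compares it with these entries, so reverse lookups for
# the safe area have to be reliable.
client1.safe.example

# ---- server: /etc/ssh/ssh_known_hosts ----
# Public host key of every trusted client (placeholder, not a real key).
client1.safe.example ssh-ed25519 <PUBLIC-HOST-KEY-OF-client1>

# ---- client: /etc/ssh/ssh_config ----
# ssh-keysign signs with the client's private host key; this option
# belongs in the global section, before any Host block.
EnableSSHKeysign yes

Host *.safe.example
    HostbasedAuthentication yes
```

`sshd -t` checks the server file for syntax errors, and `sshd -T -C user=alice,host=client1.safe.example,addr=192.0.2.10` (constructed values) prints the effective settings for such a connection, so the `Match` block can be verified before reloading sshd.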