Re: Authentication restrictions per account?

From: w4Ciabvd nyzLnN (bu4+A_@ZW%!.com)
Date: 09/08/02


From: bu4+A_@ZW%!.com (w4Ciabvd nyzLnN)
Date: Sun, 08 Sep 2002 14:55:45 GMT

In article <m18z2dyy0j.gnus@usa.net>,
those who know me have no need of my name <not-a-real-address@usa.net> wrote:
>in comp.security.ssh i read:
>
>>And, I should worry about bad file system corrupting my keys?
>
>if you find a way of making the key the only way to login, then of course
>you should be worried about it becoming corrupted.

The point which apparently eluded the O.P. is regardless of
the authentication method, there remains an array of other
possibilities which could lead to failure. What if the root file
system was corrupted (i.e. the passwd file trashed)? For years and
years, /etc/passwd was the only way to login to a Unix host. What if
my $HOME file system failed to fsck so that it failed to mount?
If $HOME is exported from another host, what if NFS is somehow hosed?
I recall in other Unix flavors (read: don't know how this relates
to Linux) that if the utmp file was removed or truncated, no
logins would be permitted. There are a myriad of ways to prevent a
successful login. I do not see how or why allowing an individual
user to apply a subset of the AllowedAuthentications is perceived as
so ominous. The individual has the means to "inconvenience"
themselves via other ways (e.g. using a from lines in the
authorized_keys, forced commands, etc., etc.).

>because there is no way, currently. hack the source to provide yourself an
>indicator. if you do not control the server (as seems the case) then you
>will just have to live with password access remaining possible. you could
>ask the admins to disable it, but i doubt they will.

I believe I'll try the latter as the former may violate my TOS.



Relevant Pages

  • XP + Novell login + Limited user = BSOD
    ... Novell client) and workstation login as Limited user and once the ... with a graphics driver. ... It is obvious that the file system errors ...
    (microsoft.public.windowsxp.general)
  • Re: Trapped with a read-only mounted hard drive!
    ... system with a a rescue disk, doing a check on the file system with ... force a check at boot up, ... The session seg faults upon login, ... A file system check will run. ...
    (comp.os.linux.misc)
  • How to exec "login" from the lowest level "shell"
    ... My Sun server prompt "/var file system full". ... When I login "root". ... You must excx "login" from the lowest level ...
    (comp.unix.solaris)
  • Re: Cant Login to Box Anymore
    ... Upon rebooting I can no longer login to the box via telnet or any other means. ... Any advice on how to mount or access the server from the console? ... I tried to use the safe mode but the file system is read-only and that doesnt' do me any good. ... initially mount) the filesystems you need to try to solve your ...
    (freebsd-questions)
  • Re: cdrecord and large files.
    ... Oscar del Rio wrote: ... back to the login ID before trying to open the file. ... As a test, I copied the file to the root of the root file system, and still the same problem. ...
    (comp.unix.solaris)