[Bug 2499] New: It would be nice to have a tool to manage ssh connections

[bugzilla-daemon at bugzilla.mindrot.org]

https://bugzilla.mindrot.org/show_bug.cgi?id=2499

            Bug ID: 2499
           Summary: It would be nice to have a tool to manage ssh
                    connections
           Product: Portable OpenSSH
           Version: 7.1p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: renich at woralelandia.com

A tool for managing ssh connections is needed.

For example, when you have a user compromised and wish to kill a
certain connection and not the user.

Example case: postgres

Let's say you enable ssh login for postgres; key based. For some
reason, the user gets compomised and you end up with somebody
connecting from outside, using the postgres user.

You don't want to kill the user because the DBs are running on it; just
close the intruder's connection and disable ssh for the postgres user.

Example: shared root

Sometimes, several users have ssh access to a server. You might want to
kill a connection just because that user is not supposed to be logged
in at that time; while blocking his IP.

In this case, you don't want to pkill the root user. You just want to
close that particular ssh connection and have the user explain what was
he/she doing at the time.

Example: timed connections

It would be cool to allow ssh connections at certain dates and hours. A
user might need to connect only during work hours. Disallowing
connections after that would be awesome.

In any case, a connection management tool could be very useful.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.