chroot + ssh concerns
Lev Lvovsky
lev at sonous.com
Sat Jan 3 06:22:27 EST 2004
On Jan 1, 2004, at 3:12 AM, Sergio Gelato wrote:
> But we're straying off topic for this list. On the "push over ssh"
> side

yeah, a bit ;)
I'll be subbing to the infrastructure list today to further discuss
this issue.

> how about simply using a command= option in the target hosts'
> authorized_keys file, and some reasonably safe command like
> pax -r -s '#.*/.*##'

I was thinking of dropping off things like RPMs, or tar files onto the
servers, and having a cron job cycle through them, and their contents
(with shell scripts to be run that do all the work). Your suggestion
definitely opens up some more options.

Our security guy is (understandably) paranoid, and is opposed to the
pull concept from a security POV - he believes that it would allow our
satellite boxes to retrieve files from the central server, as opposed
to a push system which controls when those files are put there.

but I digress (right onto the infrastructure list :P )

> (i.e., unpack the tar or cpio archive on stdin, skipping all
> pathnames that contain a slash)? Season to taste, of course;
> in particular, you may have somewhat different filtering requirements.
> Now, I think there have been some bugs with subsystems (sftp)
> being enabled even for keys that are restricted by command=
> options, so you should definitely test, perhaps audit the source
> code, and report any problems that you find. But at least in
> principle this is supported by stock OpenSSH.

thanks, I will definitely give it a shot looking into this!

-lev
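
The receiving side of the push described in the quoted suggestion (unpack an archive from stdin, skipping every pathname that contains a slash), as an added example that is not code from this thread or from OpenSSH. It uses Python's tarfile module in place of pax and is stricter than the pax command, since it also drops symlinks and other non-regular entries. The function names and sample archive are assumptions made for illustration.

```python
import io
import os
import sys
import tarfile


def unpack_flat(stream, dest):
    """Unpack tar `stream` into `dest`, flat regular files only; returns (written, skipped)."""
    written, skipped = [], []
    # Mode "r|" reads the archive as a forward-only stream, as stdin requires.
    with tarfile.open(fileobj=stream, mode="r|") as archive:
        for member in archive:
            name = member.name
            # Same filter as the pax substitution: names with a slash are dropped.
            # Stricter than pax: dot names and non-regular entries are dropped too.
            if "/" in name or name in ("", ".", "..") or not member.isreg():
                skipped.append(name)
                continue
            data = archive.extractfile(member).read()
            # O_EXCL refuses to overwrite or follow anything already at the path.
            fd = os.open(os.path.join(dest, name),
                         os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
            with os.fdopen(fd, "wb") as out:
                out.write(data)
            written.append(name)
    return written, skipped


def build_sample_archive():
    """Constructed sample input: one flat file plus entries that must be skipped."""
    buf = io.BytesIO()
    payload = b"constructed sample\n"
    with tarfile.open(fileobj=buf, mode="w") as archive:
        for name in ("update.rpm", "etc/passwd", "../escape.sh"):
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            archive.addfile(info, io.BytesIO(payload))
        link = tarfile.TarInfo("link")  # symlink entry with a flat name
        link.type = tarfile.SYMTYPE
        link.linkname = "/etc/shadow"
        archive.addfile(link)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # As a forced command: read the archive from the ssh session's stdin.
    done, dropped = unpack_flat(sys.stdin.buffer, os.getcwd())
    print("written:", done, "skipped:", dropped, file=sys.stderr)
```

Run as the command= target of a key, the script ignores whatever command the client requests and only ever writes flat files into its working directory.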