[rescue] SSH functionality ::WAS::::::::Re: Sun V240
Scott Newell
newell+rescue at n5tnl.com
Wed Nov 1 19:29:37 CDT 2017
At 05:31 PM 11/1/2017, Andrew M Hoerter wrote:
>case, a webserver was running on the same machine already so I wrote a
>simple CGI script whose URL was protected via required TLS certificate
>authorization. Clients hitting that URL with a valid cert would cause
>their source IP to be added to a dynamic table connected to a firewall
>pass rule for port 22 as well as IMAP. After some time that entry would
>time out and expire.
I like this idea! I was thinking about somehow using a Fido U2F token
to protect a ssh server, and you've just given me a great idea. I'm
thinking you visit a webpage and auth using U2F to open ssh access
for a bit. (In my case, say I'm visiting family out of town, need to
log in to my server, and can't count on having my ssh keys handy.)
--
newell N5TNL
More information about the rescue
mailing list