SSH

Issues related to configuring your network
charleschemai
Posts: 1
Joined: 2012/07/27 06:52:58

Post by charleschemai » 2012/07/27 08:36:48

I want to be able to confirm/authorize incoming ssh connections to my box.
I have this in /etc/ssh/sshd_config:

Match User oracle
#       X11Forwarding no
        AllowAgentForwarding no
        AllowTcpForwarding no
        ForceCommand ~/bin/ssh-confirm


and my ~/bin/ssh-confirm is:

#!/bin/bash

confirmfile="$HOME/allow-ssh-for-pid-26561"
if [ -f "$confirmfile" ]; then
    echo "Old confirmation file found for the SSH session, exiting!"
    exit 1
fi
# wait for a grant for 30 seconds before giving up
for ((i=0; i<30; i++)); do
    if [ -f "$confirmfile" ]; then
        rm "$confirmfile"
        exec "$SHELL"
    fi
    sleep 1
done
echo "SSH access timed out."
exit 1

[Moderator edit: Added code tags to preserve formatting.]

I just want to be able to be prompted to allow or disallow incoming ssh connections, that's all.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

Post by pschaff » 2012/08/02 14:33:46

Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature.

I've never seen an approach like this, but doubt that the ssh config is going to recognize "~/bin/ssh-confirm". The usual approach to limiting SSH access is to use iptables rules to allow only certain hosts. See also the Wiki article:
http://wiki.centos.org/HowTos/Network/SecuringSSH
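
Added example (not part of either post): a POSIX sh variant of the ssh-confirm wrapper from the first post that keys the grant file on the wrapper's own PID instead of a fixed number and, once approved, runs the command the client requested from SSH_ORIGINAL_COMMAND. The install path /usr/local/bin/ssh-confirm, the --gate argument and the GRANT_DIR variable are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the poster's script. Assumed sshd_config usage:
#   ForceCommand /usr/local/bin/ssh-confirm --gate
# The install path, --gate and GRANT_DIR are assumptions of this example.
GRANT_DIR="${GRANT_DIR:-$HOME}"

# Grant file for one session, keyed on the wrapper's PID.
grant_path() {
    printf '%s/allow-ssh-for-pid-%s\n' "$GRANT_DIR" "$1"
}

# wait_for_grant FILE TIMEOUT: 0 = granted (file consumed), 1 = timed out,
# 2 = FILE existed before the wait began (stale grant, e.g. a reused PID).
wait_for_grant() {
    file=$1 timeout=$2 i=0
    if [ -e "$file" ]; then
        return 2
    fi
    while [ "$i" -lt "$timeout" ]; do
        if [ -f "$file" ]; then
            rm -f -- "$file"
            return 0
        fi
        sleep 1
        i=$((i + 1))
    done
    return 1
}

gate() {
    file=$(grant_path "$$")
    echo "Waiting up to 30 seconds for $file to be created." >&2
    rc=0
    wait_for_grant "$file" 30 || rc=$?
    case $rc in
        0) ;;
        2) echo "Old confirmation file found for the SSH session, exiting!" >&2; exit 1 ;;
        *) echo "SSH access timed out." >&2; exit 1 ;;
    esac
    # ForceCommand replaces the command the client asked for; sshd passes the
    # original request in SSH_ORIGINAL_COMMAND, so run it rather than a shell.
    if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
        exec "${SHELL:-/bin/sh}" -c "$SSH_ORIGINAL_COMMAND"
    fi
    exec "${SHELL:-/bin/sh}"
}

if [ "${1:-}" = "--gate" ]; then gate; fi
```

A session is approved by creating the file named in the wrapper's message, for example with touch. While GRANT_DIR is left at $HOME, any other process running as the same user can create that file.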

