SSH

Post by charleschemai » 2012/07/27 08:36:48

I want to be able to confirm/authorize incoming ssh connections to my box.
I have this in /etc/ssh/sshd_config:

Code:
Match User oracle
#       X11Forwarding no
        AllowAgentForwarding no
        AllowTcpForwarding no
        ForceCommand ~/bin/ssh-confirm


and my ~/bin/ssh-confirm is:

Code:
#!/bin/bash
confirmfile="$HOME/allow-ssh-for-pid-26561"
if [ -f "$confirmfile" ]; then
    echo "Old confirmation file found for the SSH session, exiting!"
    exit 1
fi
# wait for a grant for 30 seconds before giving up
for ((i=0; i<30; i++)); do
    if [ -f "$confirmfile" ]; then
        rm "$confirmfile"
        exec "$SHELL"
    fi
    sleep 1
done
echo "SSH access timed out."
exit 1
[Moderator edit: Added code tags to preserve formatting.]

I just want to be able to be prompted to allow or disallow incoming ssh connections, that's all.

SSH

Post by pschaff » 2012/08/02 14:33:46

Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature.

I've never seen an approach like this, but doubt that the ssh config is going to recognize "~/bin/ssh-confirm". The usual approach to limiting SSH access is to use iptables rules to allow only certain hosts. See also the Wiki article:
http://wiki.centos.org/HowTos/Network/SecuringSSH

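An added example, not part of either post: a variant of the confirmation wrapper from the question that keys the grant file to the session's own PID, refuses leftover grants, and runs the client's original command once approved. The install path /usr/local/bin/ssh-confirm, the --session argument and the GRANT_DIR directory are assumptions, not taken from the thread.

```shell
#!/bin/bash
# Added example: per-session confirmation gate for sshd ForceCommand.
# GRANT_DIR is an assumed path; keep it root-owned so only the approver can write there.
GRANT_DIR="${GRANT_DIR:-/var/run/ssh-confirm}"

# Path of the grant file for one session, keyed by the wrapper's PID.
grant_path() {
    printf '%s/allow-ssh-for-pid-%s\n' "$1" "$2"
}

# Wait up to $2 seconds for grant file $1.
# Returns 0 = granted (file consumed), 1 = stale grant already present, 2 = timed out.
wait_for_grant() {
    file=$1 timeout=$2 i=0
    # A grant that exists before anyone was asked is left over from an
    # earlier session that reused this PID: refuse it instead of honouring it.
    if [ -e "$file" ]; then return 1; fi
    while [ "$i" -lt "$timeout" ]; do
        if [ -f "$file" ]; then
            rm -f -- "$file"
            return 0
        fi
        sleep 1
        i=$((i + 1))
    done
    return 2
}

main() {
    file=$(grant_path "$GRANT_DIR" "$$")
    # Tell the approver who is connecting and which file grants access.
    logger -t ssh-confirm "pending: ${SSH_CONNECTION:-unknown}; approve with: touch $file"
    wait_for_grant "$file" 30
    case $? in
        0) ;;
        1) echo "Old confirmation file found for the SSH session, exiting!"; exit 1 ;;
        *) echo "SSH access timed out."; exit 1 ;;
    esac
    # ForceCommand replaces the client's command; sshd keeps it in SSH_ORIGINAL_COMMAND.
    if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
        exec "$SHELL" -c "$SSH_ORIGINAL_COMMAND"
    fi
    exec "$SHELL"
}

# Run the gate only when sshd invokes it as: ForceCommand /usr/local/bin/ssh-confirm --session
if [ "${1:-}" = "--session" ]; then
    main
fi
```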
