[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sudo when using scp?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: sudo when using scp?
From: Shaun Fryer <sfryer_(_at_)_sourcery_(_dot_)_ca>
Date: Mon, 21 Feb 2005 10:27:43 -0500
Cc: Stuart Henderson <stu_(_at_)_spacehopper_(_dot_)_org>

On Mon, Feb 21, 2005 at 12:13:13PM +0000, Stuart Henderson wrote:
> --On 21 February 2005 12:33 +0100 Didier Wiroth 
> <didier_(_dot_)_wiroth_(_at_)_mcesr_(_dot_)_etat_(_dot_)_lu> wrote:
> 
> >Hi,
> >The situtation:
> >1) I'm physically connected to a client using ssh.
> >
> >2) I need to connect to anopenbsd server running sshd (OpenSSH_3.9,
> >OpenSSL 0.9.7d 17 Mar 2004) to copy files
> >2a) server uses skey authentication.
> >2b) root connections on sshd not allowed.
> >
> >3) The user that connects to the server is in the wheel group of the
> >server
> >
> >I would not like to:
> >a) change file ownership
> >b)change file access rights
> >c) allow root access
> >
> >How can I copy files from the server's /etc/ (files owned by root) to
> >the client's /etc

Your best bet is to have a root cron on the server box pull the files down.
Make the necessary files in /etc on the client readable (assuming they're
not already). Problem solved. Assuming your client isn't rooted or has it's
IP owned fraudulently, you're less likely to be comprimised IMO. The way
you're suggesting is inherently too risky I think.

--
=====================
 Shaun Fryer
=====================
 http://sourcery.ca/
 ph: 416-544-9461
=====================

References:
- sudo when using scp?
  - From: Didier Wiroth

Prev by Date: strange denial of network
Next by Date: Re: sudo when using scp?
Previous by thread: Re: sudo when using scp?
Next by thread: strange denial of network
Index(es):
- Date
- Thread

Visit your host, monkey.org