[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: sudo when using scp?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: sudo when using scp?
- From: Shaun Fryer <sfryer_(_at_)_sourcery_(_dot_)_ca>
- Date: Mon, 21 Feb 2005 10:27:43 -0500
- Cc: Stuart Henderson <stu_(_at_)_spacehopper_(_dot_)_org>
On Mon, Feb 21, 2005 at 12:13:13PM +0000, Stuart Henderson wrote:
> --On 21 February 2005 12:33 +0100 Didier Wiroth
> <didier_(_dot_)_wiroth_(_at_)_mcesr_(_dot_)_etat_(_dot_)_lu> wrote:
> >The situtation:
> >1) I'm physically connected to a client using ssh.
> >2) I need to connect to anopenbsd server running sshd (OpenSSH_3.9,
> >OpenSSL 0.9.7d 17 Mar 2004) to copy files
> >2a) server uses skey authentication.
> >2b) root connections on sshd not allowed.
> >3) The user that connects to the server is in the wheel group of the
> >I would not like to:
> >a) change file ownership
> >b)change file access rights
> >c) allow root access
> >How can I copy files from the server's /etc/ (files owned by root) to
> >the client's /etc
Your best bet is to have a root cron on the server box pull the files down.
Make the necessary files in /etc on the client readable (assuming they're
not already). Problem solved. Assuming your client isn't rooted or has it's
IP owned fraudulently, you're less likely to be comprimised IMO. The way
you're suggesting is inherently too risky I think.
Visit your host, monkey.org