Home

Authentication on Untrusted Remote Hosts with Public-key Sudo

Matthew Spindel Burnside; Mack Lu; Angelos D. Keromytis

Title:
Authentication on Untrusted Remote Hosts with Public-key Sudo
Author(s):
Burnside, Matthew Spindel
Lu, Mack
Keromytis, Angelos D.
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Book/Journal Title:
Proceedings of the 22nd Large Installation System Administration Conference (LISA '08): November 9-14, 2008, San Diego, California, USA
Publisher:
USENIX Association
Abstract:
Two common tools in Linux- and UNIX-based environments are SSH for secure communications and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this paper, we describe a weakness in their interaction and present our solution, public-key sudo. Public-key sudo1 is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. We describe our implementation of a BSD SSH authentication module and the SSH modifications required to use this module.
Subject(s):
Computer science
Item views:
67
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use