2008 Articles
Authentication on Untrusted Remote Hosts with Public-key Sudo
Two common tools in Linux- and UNIX-based environments are SSH for secure communications and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this paper, we describe a weakness in their interaction and present our solution, public-key sudo. Public-key sudo1 is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. We describe our implementation of a BSD SSH authentication module and the SSH modifications required to use this module.
Subjects
Files
- burnside.pdf application/pdf 98.5 KB Download File
Also Published In
- Title
- Proceedings of the 22nd Large Installation System Administration Conference (LISA '08): November 9-14, 2008, San Diego, California, USA
- Publisher
- USENIX Association
More About This Work
- Academic Units
- Computer Science
- Published Here
- March 9, 2012