You may have caught my blog post last week about setting up host to host ssh keys.
What you might not have caught was in the comments, where Ben Cotton mentioned a trick I hadn't heard of, namely specifying the allowed remote commands in the authorized_keys line. He said there were even more features available, just waiting on the manpage. I replied that if he wrote it, I'd link to it.
Well, Ben put his money where his mouth is. He goes into nice detail and provides some good links and suggestions. This is really fascinating stuff, and I'm looking forward to using it in my own organization.
Therek over at Unix Sysadmin jumped in the fray, too. He's got three neat tricks for your ssh needs that you should really check out. I had no idea SSH key auth could be bent in these directions!
I've said it before, but I'll keep saying it. I love having visitors to my blog who enjoy what I write, and it really brings it home to interact with everyone like this. I couldn't ask for a better bunch of readers, though to be honest, I'm worried about Ben's longevity. I can't imagine what his cholesterol level must be ;-)
Ben, Therek, thank you both very much! I know my readers will really enjoy these articles. And as for everyone else, the same offer goes for you. If you've got something to share, let me know, I'll be happy to link to your blog entry or host it here if you've got the urge to write.
skip to main |
skip to sidebar
A blog for IT Admins who do everything by an IT Admin who does everything
Blogs I frequently don't have time to read
Posts
Blog Archive
-
▼
2008
(184)
-
▼
November
(29)
- Gift ideas for you and the other sysadmins in your...
- More LVM information
- Quality Assurance vs Quality Control
- Doing sysadminy things with Windows PreInstalled E...
- Happy Thanksgiving!
- The case of the 500-mile email
- Infrastructure Switchover
- Interesting bug in fresh CentOS install (or why I'...
- Imagine a beowu...wait, I mean RAID array of these...
- Configuring the Netgear SSL VPN Concentrators (SSL...
- Default vsftpd on CentOS is dumb
- Unix Rosetta Stone
- Wacky SSH Authorized Keys Tricks
- Great tool for network diagramming
- Building and designing systems: Is the cart pullin...
- Host to host security with SSH Keys
- Datacenter that could belong to S.P.E.C.T.R.E.
- Tips for an initial buildout
- Sysadmin Extorts company for better severance package
- Where to put your system monitoring
- Encrypted Filesystems out of the box on CentOS
- Best. Bug. Ever.
- Justify the extistance of IT (from Slashdot)
- The Creative Admin
- WPA TKIP Cracked
- Stupid Unix Tricks (from Slashdot)
- The balance of security and usability
- Scalability in the face of the incoming onslaught
- Sysadmin Mobile Devices
-
▼
November
(29)
People following this blog
Other affiliations / blog groups
I have a monthly column at
My blog is a part of
I'm a member of
My blog is a part of
I'm a member of
Calling all guest bloggers
Do you have an idea for a blog entry that you want to write? Do you have a blog entry that you've already written, but don't have a place to publish it? I'm definitely interested!
As I don't make any money on this site, I can't offer to pay you for it, but I will happily link to whatever web presence you'd like. My current subscriber count is right around 500 people, so your article would be viewed by a lot of people.
To get in touch, email me at
standalone.sysadmin@gmail.com
As I don't make any money on this site, I can't offer to pay you for it, but I will happily link to whatever web presence you'd like. My current subscriber count is right around 500 people, so your article would be viewed by a lot of people.
To get in touch, email me at
Twitter / standaloneSA
Automatically Generated Amazon Ads
Labels
- security (14)
- networking (13)
- storage (12)
- vacation (9)
- administrivia (8)
- advice (7)
- guest blog (7)
- server room (6)
- virtualization (6)
- backup (5)
- learning (5)
- monitoring (4)
- nagios (4)
- whining (4)
- asking questions (3)
- blog (3)
- cat5 (3)
- fail (3)
- fiber (3)
- physical infrastructure (3)
- remote management (3)
- troubleshooting (3)
- windows (3)
- CLI (2)
- LVM (2)
- archive (2)
- colocation (2)
- debian (2)
- debugging (2)
- dns (2)
- esxi (2)
- giveaway (2)
- hardware (2)
- howto (2)
- laptop (2)
- lisa (2)
- policy (2)
- preblog (2)
- racks (2)
- redundancy (2)
- tech support (2)
- telecom (2)
- training (2)
- vmware (2)
- vpn (2)
- AoE (1)
- IPv6 (1)
- Level3 (1)
- Linux (1)
- NAS (1)
- QA (1)
- QC (1)
- T1 (1)
- active directory (1)
- article (1)
- automation (1)
- bandwidth (1)
- benchmark (1)
- bgp (1)
- blackberry (1)
- blogiversary (1)
- books (1)
- burnout (1)
- business (1)
- centos redhat ldap bugzilla (1)
- checklists (1)
- cisco (1)
- clusters (1)
- competition (1)
- conference (1)
- convention (1)
- cooling (1)
- database (1)
- documentation (1)
- education (1)
- encryption (1)
- ethernet (1)
- ethics (1)
- fibre channel (1)
- filesystems (1)
- fire (1)
- freebies (1)
- heroics (1)
- high availability (1)
- imaging (1)
- incident response (1)
- installation (1)
- international (1)
- iscsi (1)
- kvm (1)
- ldap (1)
- leasing (1)
- licenses (1)
- link (1)
- load balancing (1)
- marketing (1)
- mobile (1)
- money (1)
- openbsd (1)
- oracle (1)
- osx (1)
- passwords (1)
- patching (1)
- project management (1)
- rack unit (1)
- raid (1)
- recycling (1)
- remote desktop (1)
- resources (1)
- routing (1)
- rss (1)
- safari (1)
- sage (1)
- san (1)
- shortcuts (1)
- slashdot (1)
- small infrastructure (1)
- social networking (1)
- soho (1)
- ssl (1)
- stress (1)
- switches (1)
- systems administration (1)
- technology (1)
- terminal server (1)
- time management (1)
- top list (1)
- toplist (1)
- twitter (1)
- uptime (1)
- usenix (1)
- wireless (1)
- xen (1)