Discussion:
adding athentication to gserver
Bob Lehman
2007-05-15 21:34:39 UTC
Permalink
I am writing simple remote listener using gserver to issue commands on a
remote server but do not want to leave it wide open for others to
connect. Would the best authentication scheme be a trusted host
relationship - a password or something else?

Any suggestions are appreciated.

Thanks
--Bob
Caleb Phillips
2007-05-17 15:16:40 UTC
Permalink
Post by Bob Lehman
I am writing simple remote listener using gserver to issue commands on a
remote server but do not want to leave it wide open for others to
connect. Would the best authentication scheme be a trusted host
relationship - a password or something else?
You'd have to clarify what you mean by "best". If by best you mean "most
secure" there are tons of options (all sorts and flavors of crypto and
key exchange - you could even use OpenID ;)). If, on the other hand you
mean "most convenient" that is a totally different question (maybe
something like port-knocking, or just a simple password challenge).
Depending on the privileges of the user that will be executing the
commands on the remote server and whether it will be change-root-jailed
and whatnot, I might not be satisfied with anything short of a dual
retinal scan and tissue sample ;). Especially now that you've announced
your backdoor to the entirety of the intarwebs.

If you have a specific question about a security mechanism you're
considering I'm sure we can help you out.

Good Luck,
--
Caleb Phillips
IT Specialist
Small White Cube
Loading...