[rescue] SSH functionality ::WAS::::::::Re: Sun V240

Scott Newell newell+rescue at n5tnl.com
Wed Nov 1 19:29:37 CDT 2017

At 05:31 PM 11/1/2017, Andrew M Hoerter wrote:

>case, a webserver was running on the same machine already so I wrote a
>simple CGI script whose URL was protected via required TLS certificate
>authorization.  Clients hitting that URL with a valid cert would cause
>their source IP to be added to a dynamic table connected to a firewall
>pass rule for port 22 as well as IMAP.  After some time that entry would
>time out and expire.

I like this idea! I was thinking about somehow using a Fido U2F token 
to protect a ssh server, and you've just given me a great idea. I'm 
thinking you visit a webpage and auth using U2F to open ssh access 
for a bit. (In my case, say I'm visiting family out of town, need to 
log in to my server, and can't count on having my ssh keys handy.)

newell  N5TNL

More information about the rescue mailing list