Re: SSH revised

[Christian Helmuth]

Hi,

On Mon, Mar 20, 2006 at 11:16:49PM +0100, Marcus Brinkmann wrote:
> Hi,
[...]
> The shell command requires capabilities (file system, etc) that are
> not available to the ssh server, and should not be.  This raises the
> issue if the ssh server should be split up into two parts, a system
> part and a user part, or if there should be a system ssh server at
> all.  There are a couple of potential models:
> 
> 1) Every user gets their own (virtual) domain and runs their own ssh
>    server.  IPv6 is right around the corner, isn't it? :)
>    Then you just use "ssh username.hostname.org" and that's it.
> 
> 2) Every user runs their own ssh server, but on a different port (ouch!).

I think these do not match with MAC-alike system policies. If an
administrator/owner wants to restrict the options a specific user has to
enter the system via SSH, there must remain a small "system" ssh server
part. An example could be the limitiaton to SSH2.

> Approach 3 seems to be a compromise.  It sounds tricky to get right,
> but it provides a hint to a solution in the case where approach 1
> would not work, for example because you need to do the host
> authentication with the _host_, and not with the user account, or
> where the operating system needs to provide some other capabilities
> beyond the network connection.  It also fits "better" with the
> traditional Unix model of internetworking.

I hope my remarks are complementary the details above. ;)

Ciao
-- 
Christian Helmuth

TU Dresden, Dept. of CS
Operating Systems Group
http://os.inf.tu-dresden.de/~ch12