Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: allun on April 13, 2004, 02:14:01 AM

Title: How to allow/disallow SSH login via email or web?
Post by: allun on April 13, 2004, 02:14:01 AM

Hi,

I have this crazy idea for mildly increasing the security aspects of my servers - I have a few around the country that I need SSH access to, but it would please the clients to no end if I could say that SSH is only enabled when i need it enabled.

I can hack together some php or a procmail rule that runs a script to turn on and off SSH - but my knowledge is lacking in 1 key area:

What commands do i run to turn on and off SSH access? note - i'm not worried whether the commands actuall turn ssh on and off or whether they just open/close the port....

I've tried looking at the logs when changing the SSH status thru server manager but i'm hoping someone will reply with the exact commands....

cheers


Allun

Title: How to allow/disallow SSH login via email or web?
Post by: bobk on April 13, 2004, 03:58:55 AM

I have not tried this but you might have a look at /etc/e-smith/web/panels/manager/cgi-bin/remoteaccess.. At about line 92 you will see some of the e-smith ConfigDB properties for sshd.

You should be able to write your script to set these properties as you like by using a command similar to

Code: [Select]

# /sbin/e-smith/db configuration setprop sshd status [prop] where [prop] could be private or public.

This might get you going in the right direction. Maybe someone with more knowledge of the ConfigDB can be more help.