Commercial solution:


On Mon, Feb 19, 2018 at 2:51 PM, <> wrote:

> Hi,
> I'm co-managing a server with a friend of mine offering ourself some basic
> service (like emails, file sharing, etc). At this time each of us can
> freely login on the server via ssh (we trust each others) for the daily
> administrative tasks.
> I would like to improve the current set up by adding a layer of
> certification and proofing of the ssh session, because if you know that you
> are recorded you'll be enforce to behave better. For this scope I've found
> many different possible solution, but quite complex to be implemented (like
> ssh proxy that records the session [1]), or too basic (like using
> /usr/bin/script). So far none of those that I've found satisfy me.
> About that I remember that some time ago (maybe one or two years ago) I
> read a post on planet debian about such a method for session audit. It was
> suggesting as an easy to run solution for external consultant: the
> recording and encrypting of the remote session was performed without
> requiring any proxy, letting to store the session data on a dumb external
> host. From what I could remember I think that the idea was something like
> recording the session with script like utilities (launched at session
> login), then periodically encrypting it with gpg and publishing on a local
> folder or on a remote resource. This way the owner of the system could
> reliably access the session log, and the remote person could always prove
> what he did at during the ssh session.
> Do you know about that solution? Or could you suggest something similar?
> Thank you,
> risca.
> [1] ssh proxy solutions: ssh-bastion, KeyBox

Reply via email to