Am Samstag, 16. August 2008 09:18:54 schrieb Terry Porter: > Hi All, > I'm using FreeWRT on a Linksys WRT54G v3.1 as a Internet facing Reverse SSH > server and everything is working fine.
What is a Reverse SSH server please? > > I plan to use it to do remote Linux admin where the client SSHs to the WRT54G > from behind his firewall (most are adsl modem/routers) and I tunnel back to > him from behind my firewall via the WRT54G. > This sounds complicated. A drawing would say more than 1000 words! > Does anyone have any tips or keywords to throw my way to improve security for > this Internet only facing box which (will not normally have a local lan > connection when deployed)? I cant see what "unpriviledged users" should do on a WRT54G - I assume you created some user accounts? Up to my current understanding of the situation (which is quite small..) I would give the advice to let the "unpriviledged users" ssh sessions end on a "big" linux box (with a complete linux distribution) and give the users a shell in a chroot environment. Then you have complete control what the users can do and which files they can see. You will find a lot of stuff about chroot environments in the internet - google is your friend. Example: http://www.howtoforge.com/chroot_ssh_sftp_debian_etch Cheers Martin _______________________________________________ freewrt-developers mailing list [email protected] https://www.freewrt.org/lists/listinfo/freewrt-developers
