On Wed, 2007-01-10 at 10:47 -0700, Dave Long wrote: > This situation where the user is ssh'ing to an outside box (from > inside the network) to a box presumably with squid is what I am trying > to determine. I do not want to be an evil admin and block all ssh > access.
Sounds like the bigger problem is a trust issue. There are many ways *technically* to approach the situation (some clearly better then others), but maybe management should be made aware of her behavior and they can handle it based on an established code of conduct. You can then do what you (presumably) love - work on technical issues. I know when I adopted this approach, it made my job much more pleasant. Besides, who wants to work with people they can't trust? :) Barring that, I'd go with Matthew Walker's DMZ/iptables/sshd approach. Good luck, Gabe /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
