> In a recent discussion about secure ssh use the idea of having ssh > export the authentication method as a shll variable. The idea being > to limit su access to only those who have used a public / private > key pair for authentication.
Obviously you'd have to be able to generate such content for the envariable that it couldn't just be dreamed up, and could be verified by the next step, and you'd have to modify su/sudo to actually do the verification. Whether SSH could export any desired content into an envariable is not the point (the answer is "of course, it does that all the time"), and bash (or whichever shell) is not relevant to the issue at all as su/sudo handling is not performed by the shell but by the respective programs themselves. -- Atro Tossavainen (Mr.) / The Institute of Biotechnology at Systems Analyst, Techno-Amish & / the University of Helsinki, Finland, +358-9-19158939 UNIX Dinosaur / employs me, but my opinions are my own. < URL : http : / / www . helsinki . fi / %7E atossava / > NO FILE ATTACHMENTS
