On Sun, Aug 27, 2006 at 07:28:06AM -0400, Jaqui Greenlees wrote: > In a recent discussion about secure ssh use the idea > of having ssh export the authentication method as a > shll variable. The idea being to limit su access to > only those who have used a public / private key pair > for authentication.
Anyone who was aware of this method of "authenticating" su could just manually set the environment variable to the right value, and then could use su. This method does not provide any practical measure of additional protection from undesired users using su, even if it were possible... What you really need is a PAM module to make su use RSA auth directly, or something like that. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D
pgpbMXNoHOlPr.pgp
Description: PGP signature
