- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: SSH Auth hopping Station
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-05-2011 09:24 AM
тАО07-05-2011 09:24 AM
Hi,
I have approx 20 servers in my domain (mostly RHEL) and from an administration point of view I was thinking of using a dedicated server as a hopping station and setting up SSH authentication keys bewteen it and the other servers so as to enable me to gain easy/quick access to any server in the domain.
In doing so this will prevent me from logging into each box separately and having to search for and enter in passwords every time I need to log in to a different server.
My question is this:
a) is this a good idea
b) are there any security implications I need to consider?
Thanks,
D.
Solved! Go to Solution.
- Tags:
- ssh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-06-2011 08:51 AM
тАО07-06-2011 08:51 AM
SolutionThe security restrictions come to play if you allow root password free access too or from this hopping system. PCI and Sox audits often take a dim view of root password free access. This system should at least not have any real production running on it. Carefully consider what systems it can access. If it can access a DMZ/PCI Island system, if you have any you could have audit problems. Overall, I think the plan improves security.
I think it is a reasonable plan you have. You can close the firewall and prevent unauthorized system access. On the downside you have a single point of failure. If this system goes, a lot of potential work can not get done.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-07-2011 06:38 AM
тАО07-07-2011 06:38 AM
Re: SSH Auth hopping Station
Hi SEP,
Thanks for the feedback, much appreciated.
Regards,
D.