* Thomas Gebhardt <[EMAIL PROTECTED]> [2003-01-07 16:23 +0100]:
> as far as I can see, one can get at least 2 out of the following 3 items:
                                      ^"most"? otherwise trivial :-)
> * sshd Privilege Separation
> * /var/log/lastlog not world readable
> * users get a lastlog message at ssh login
If you
- set UsePrivilegeSeparation=yes in /etc/ssh/sshd_config,
- chmod o-r /var/log/lastlog,
- configure sudo ("%users ALL=NOPASSWD:/usr/bin/lastlog -u *"), and
- add "[ ${-//[^i]/} ] && sudo /usr/bin/lastlog -u $LOGNAME"
  to /etc/profile,
the user's bash will display the date and origin of your last login
for interactive sessions.
--
Johannes Franken
Professional unix/network development
mailto:[EMAIL PROTECTED]
http://www.jfranken.de/
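
An added example, not part of the original message: a POSIX shell audit that checks the four settings listed above under a directory prefix, so it can be run against a scratch tree or the live system. The function names and the prefix argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audits the four settings from the message above.
# The prefix argument (hypothetical) lets the checks run against a scratch
# tree; pass "" to inspect the live system.

privsep_enabled() {      # UsePrivilegeSeparation yes (space or '=' separator)
    grep -Eiq '^[[:space:]]*UsePrivilegeSeparation[[:space:]=]+yes[[:space:]]*$' "$1" 2>/dev/null
}

not_world_readable() {   # file exists and lacks the o+r bit
    [ -e "$1" ] && [ -z "$(find "$1" -prune -perm -004)" ]
}

sudo_rule_present() {    # the %users NOPASSWD rule for lastlog -u
    grep -Eq '^%users[[:space:]]+ALL[[:space:]]*=[[:space:]]*NOPASSWD:[[:space:]]*/usr/bin/lastlog -u ' "$1" 2>/dev/null
}

sudo_rule_wildcard() {   # rule ends in '*', so it is not tied to the caller's name
    grep -Eq '^%users[[:space:]].*/usr/bin/lastlog -u \*[[:space:]]*$' "$1" 2>/dev/null
}

profile_hook_present() { # the literal sudo lastlog call in /etc/profile
    grep -Fq 'sudo /usr/bin/lastlog -u $LOGNAME' "$1" 2>/dev/null
}

audit_lastlog_setup() {  # prints one line per check, returns the failure count
    root=$1; fails=0
    check() { if "$@"; then echo "ok    $*"; else echo "FAIL  $*"; fails=$((fails + 1)); fi; }
    check privsep_enabled      "$root/etc/ssh/sshd_config"
    check not_world_readable   "$root/var/log/lastlog"
    check sudo_rule_present    "$root/etc/sudoers"
    check profile_hook_present "$root/etc/profile"
    if sudo_rule_wildcard "$root/etc/sudoers"; then
        echo "note  sudoers rule ends in '*': it permits lastlog -u for any account name"
    fi
    return "$fails"
}
```

Run `audit_lastlog_setup ""` as root to check the live files; the return status is the number of failed checks.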