Ideas for ssh / sudo

Paul Lussier pll at mclinux.com
Tue Oct 10 16:09:03 EDT 2000


In a message dated: Tue, 10 Oct 2000 16:01:20 EDT
"Marillier, Allan" said:

>Another option - but it also has potential for abuse - you could
>set up a mail alias which pipes to a program/script.
>e.g. add an entry to  /etc/aliases
>     mailadmin: |"/usr/local/bin/mailadmin"
>and run newaliases. Then you have a script named mailadmin,
>which receives the output of a message, parses it, and acts on the
>content of the message.

I just actually sent a similar idea to the original poster.  The difference in 
my scheme would be:
	a. have a web page (on some other system) with a form 
	   which requests all relevant information from the "user"
	b. have the "submit" button e-mail this request to the "admin" group
	   for verification/authorization
	c. admin group forwards request to the alias mentioned above
	d. the script parses the e-mail and verifies:
		1. that it really comes from someone listed
		   in the admin group
		2. the request command is in proper format
	e. the script passes the information off to an "addalias" script or
	   function

My vision of how this would work is that the web page is on a separate system
from the web server, and the script would be written in perl.  Since most of 
the interaction is via e-mail, you could bring a pgp signature into the scheme 
and have the script authenticate the pgp signature of e-mail it receives.
That way you have a 3-step authentication; first the e-mail must be *from* an 
authorized user (easy to forge), second, the e-mail must contain a correctly 
formatted request string (also easy to forge), third, the e-mail must contain 
a pgp signature matching the key on record for the "from" sender.

There may be some kinks in this plan, but this is only the result of 5 minutes 
of thought :)
-- 
Seeya,
Paul
----
	   I'm in shape, my shape just happens to be pear!

	 If you're not having fun, you're not doing it right!
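The three-step check described in the post above (sender listed in the admin group, request in the proper format, signature matching the key on record for the "from" sender), written out as an added example that is not code from the post, from the original poster, or from the sudo project. It assumes a hypothetical `X-Request-Signature` header carrying the detached signature, a constructed admin list, and, so that it runs offline, a per-sender HMAC key standing in for the PGP key on record; the `addalias` step is a plain dictionary. The checks run in the order the post gives them, and a failure at any step stops the request from reaching the alias step:

```python
import email
import hashlib
import hmac
import re
from email.utils import parseaddr

# Constructed sample data: the "admin group" and a key on record for each member.
# The post's scheme keys this on a PGP key per sender; to run offline this example
# swaps in a per-sender HMAC key (an assumption, not what the post describes).
ADMIN_KEYS = {
    "alice@example.com": b"constructed-key-for-alice",
    "bob@example.com": b"constructed-key-for-bob",
}

# Check (d)(2): the only request shape accepted is "addalias <name> <target-address>".
REQUEST_RE = re.compile(
    r"^addalias ([a-z][a-z0-9-]{0,31}) ([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,})$"
)

SIGNATURE_HEADER = "X-Request-Signature"  # hypothetical header carrying the detached signature


def sign_request(sender, request_line):
    """Signature an admin's mail client would attach (HMAC stand-in for a PGP signature)."""
    return hmac.new(ADMIN_KEYS[sender], request_line.encode(), hashlib.sha256).hexdigest()


def parse_message(raw):
    """Pull out the From address, the request line (first non-blank body line) and the signature."""
    msg = email.message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    lines = [ln.strip() for ln in msg.get_payload().splitlines() if ln.strip()]
    request_line = lines[0] if lines else ""
    return sender, request_line, msg.get(SIGNATURE_HEADER, "")


def verify_request(raw):
    """Run the three checks in the post's order; return (ok, reason, parsed_fields)."""
    sender, request_line, sig = parse_message(raw)
    # 1. The e-mail must be *from* a listed admin (trivial to forge on its own).
    if sender not in ADMIN_KEYS:
        return False, "sender not in admin group", None
    # 2. The request string must be in the proper format (also forgeable on its own).
    m = REQUEST_RE.match(request_line)
    if not m:
        return False, "request not in proper format", None
    # 3. The signature must verify against the key on record for the From sender.
    expected = sign_request(sender, request_line)
    if not hmac.compare_digest(expected, sig):
        return False, "signature does not match key on record", None
    return True, "ok", {"sender": sender, "alias": m.group(1), "target": m.group(2)}


def handle_message(raw, aliases):
    """What the script behind the mail alias does: verify, then hand off to the addalias step."""
    ok, reason, fields = verify_request(raw)
    if ok:
        aliases[fields["alias"]] = fields["target"]  # stand-in for the addalias script/function
    return ok, reason


def build_message(sender, request_line, signature):
    """Constructed helper assembling a message in the shape the piped script would receive."""
    return (
        f"From: {sender}\nTo: mailadmin@example.com\nSubject: alias request\n"
        f"{SIGNATURE_HEADER}: {signature}\n\n{request_line}\n"
    )


if __name__ == "__main__":
    line = "addalias helpdesk support@example.com"
    registry = {}
    print(handle_message(build_message("alice@example.com", line, sign_request("alice@example.com", line)), registry))
    print(registry)
```

Note that the first two checks are exactly the ones the post calls easy to forge, so a message that passes them but carries no signature, or a signature made under a different sender's key, is still rejected at step three; `hmac.compare_digest` is used there so the comparison does not leak timing information about how much of the signature matched.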