Is forbidding concurrent ssh sessions a good idea?
Oleg Goldshmidt
pub at goldshmidt.org
Mon Nov 12 10:27:57 IST 2012
On Mon, Nov 12, 2012 at 10:05 AM, Elazar Leibovich <elazarl at gmail.com> wrote:
>
> I'm considering to disallow concurrent ssh sessions on a single-purpose
> production machine (say, DB server).
>
> I thought of replacing the default shell with a shell that keeps its pid
> file in a central place. If such a file already exist, it'll kill the other
> running shell before logging in.
Can't you use MaxSessions and/or MaxStartups in sshd config for this?
Whatever you do, make sure sshd kills sessions after some appropriate
timeout, otherwise you may find yourself in trouble... ;-)
--
Oleg Goldshmidt | pub at goldshmidt.org
More information about the Linux-il
mailing list