Is forbidding concurrent ssh sessions a good idea?
Oleg Goldshmidt
pub at goldshmidt.org
Mon Nov 12 10:54:37 IST 2012
On Mon, Nov 12, 2012 at 10:40 AM, Elazar Leibovich <elazarl at gmail.com> wrote:
> No problem with my scheme, if sshd won't kill old sessions, new sessions
> will... (or maybe I misunderstand you).
No, I misunderstood you... Sorry.
Killing existing active sessions in mid-flight seems hairy. You want
to prevent two admins from tweaking the server simultaneously, and the
latecomer may kill the session of the one who is already working,
maybe in the middle of editing a configuration file, moving a bunch of
data, whatever? Is it possible to leave a server in an
unknown/inconsistent state?
Also, there does not seem to be any warning to the already logged in
user. Or any information. How will he know that he was knocked out and
it was not a connection problem? If he thinks that he may try to log
back in... Consider writing something to his terminal and giving him
enough time and information to call the other guy? Yes, it's much more
involved than kill -9...
--
Oleg Goldshmidt | pub at goldshmidt.org
More information about the Linux-il
mailing list