[Nix-dev] security - observing changes - example authorizedKeys
Marc Weber
marco-oweber at gmx.de
Sun Jul 22 04:59:26 CEST 2012

I just had a look at the user.name.openssh.authorizedKeys.keys
option:

- That you can choose between adding a section and overriding everything is great.

Problems:

- It doesn't get run in the activation phase (?) - Thus you have to
  restart sshd (which is non-obvious without reading code).
  How to fix? Add it to the activation phase & ensure it's run after the
  code creating the users ..
  Thus which is the way to go? Add postUserSetup script like options?
- If you want to control that file entirely - should the script be run
  by a cron-job every X hours - and should there be a way to report
  violations?

I mean you don't want to ssh every 3 days to make sure that all
authorized_keys files contain what you think they contain.

That's only one use case. Checking ports, permissions on files (e.g. home
directories) and much more should be checked regularly if you want to feel
safe.

Does this make sense?
Has anybody else thought about how this should be implemented?

I mean nobody wants to get hacked - but if you do - you should know
about it. That's why I think about how to detect that case as well.

It will be very hard (if not impossible) to make sure that NixOS is
totally secure. I feel nobody can pay for full penetration testing after each
small update - which is why I think about finding alternatives.

I'm aware that chowning large email directories could have impacts on
performance which makes me think that what I'm looking for is not
feasible?

Marc Weber
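
One way to implement the periodic check proposed in this message, as an added example that is not part of the original mail or of NixOS: a Python script that compares an authorized_keys file with the declared keys and reports violations. The function names, the sample keys and the temporary path are constructed for illustration, and how the declared key list is exported from the configuration is left as an assumption.

```python
import os, stat, tempfile
# Options in front of a key are skipped, so a changed command= restriction is not detected.
KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384",
             "ecdsa-sha2-nistp521", "sk-ssh-ed25519@openssh.com"}

def parse_keys(text):
    """Return {(type, base64 blob)}; lines without a known key type are kept as 'unparsed'."""
    keys = set()
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        for i, tok in enumerate(fields[:-1]):
            if tok in KEY_TYPES:
                keys.add((tok, fields[i + 1]))
                break
        else:
            keys.add(("unparsed", line.strip()))
    return keys

def audit(path, declared_text):
    """Compare one authorized_keys file with the declared keys; return violation strings."""
    findings, actual = [], set()
    try:
        mode = os.stat(path).st_mode
        with open(path) as fh:
            actual = parse_keys(fh.read())
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"{path}: writable by group or other")
    except FileNotFoundError:
        pass
    declared = parse_keys(declared_text)
    findings += [f"{path}: unexpected key {t} {b[:16]}..." for t, b in sorted(actual - declared)]
    findings += [f"{path}: missing key {t} {b[:16]}..." for t, b in sorted(declared - actual)]
    return findings

def demo():
    """Constructed sample: the declared key plus one key nobody declared, file mode 0664."""
    declared = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructedADMIN admin@example\n"
    on_disk = declared + "no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADconstructedROGUE x\n"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "authorized_keys")
        with open(path, "w") as fh:
            fh.write(on_disk)
        os.chmod(path, 0o664)
        return [f.split(": ", 1)[1] for f in audit(path, declared)]

if __name__ == "__main__":
    print("\n".join(demo()))  # a cron job would mail this instead of printing
```

Run from cron, a non-empty result is the violation report; it only reads files, so it avoids the cost of rewriting ownership on large directories.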