[syslog-ng]where docs on *REMOTE* logging using ssh??

Brian Landers brian@bluecoat93.org
Wed, 5 Feb 2003 10:04:43 -0500

> Even if openssh itself has no security holes, that's not the 
> point. The points I brought up were concerned with misuse of
> the shell access openssh grants. THAT's what I'd be scared
> about if I were you.

This is only an issue if you don't take the time to setup the
tunnel properly.  Use a non-root account created only for the
purpose of tunnels (with a locked password and a bogus shell),
setup the authorized_keys file with command="/bin/false" so
they CAN'T run any commands, and then use the -N flag to ssh
to not execute a remote command when you setup the tunnels.

We use reverse tunnels all over the place at work for logging
and other stuff that needs to pass back through the firewall
from the DMZ networks.  A secure server inside the wall opens
an SSH connection to the DMZ server, then forwards a port back
through the tunnel to the server.  The DMZ server never has to
know anything about the secure server, nor be able to connect
to it directly.  This opens a small security hole in that if
the DMZ host is compromised the bad guys have a single port 
they can access into the internal network, but we mitigate
that risk by running syslog-ng on the secure server non-root 
and chrooted.


People who are willing to rely on the government to keep them safe 
are pretty much standing on Darwin's mat, pounding on the door, 
screaming, "Take me, take me!"