Re: [Sudoscript-devel] keystroke logging to a remote server

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Welcome, David!

I've had a couple of thoughts since you first contacted me about
this. You are really discussing two different features that add up to
better enterprise management.  The first is central configuration of
sudo authorization. This would involve remote munging of the sudoers
file, coupled with a central store of user identities.  This sounds
like an interesting app seperate from sudoscript. I could get
interested in this, but my day job is making serious demands on my
time.

The second component is remote logging of keystrokes over an encrypted
connection.  This sounds like a very interesting feature. It
presupposes a management app, presumably the same one that would
control authorization. It also calls for an encrypted and
authenticated transport. The natural way to do this in an open source
app would be to use ssh. I took a look at Net::SSH::Perl after we
exchanged mail. This is a pure Perl implementation of SSH1 and SSH2. I
expected it to call in a chain of module dependencies, but it exceeded
my expectations by a large margin. Currently, sudoscript relies on
nothing outside the base Perl distro as commonly configured on Red Hat
Linux.  I'd like to keep it that way. That means reliance on
command-line ssh.  There's also the matter of key management to
consider.

Managing multiple concurrent logging streams would also be a
challenge.  As it happens, I'm doing that right now in my current day
job. I could borrow concepts from that effort.

I can see how the two features are interlinked. However I think I
should take the discussion over to sudo-devel to see if there is any
prior art.

--On Monday, July 15, 2002 11:50:58 PM +0100 David Chung 
<da...@ch...> wrote:

> Hi,
>
> I am new to this list but I have a few ideas/suggestions for sudoscript.
>
> In an organisation that I have worked in we played around with an
> application called Powerbroker by Symark. The package is good but comes
> at a price. Although this product is intended to be a more sophisticated
> sudo replacement it offers a couple of good features. One of them is
> allowing access to be brokered from a central secured server to a client
> requesting privedged access, it also allows keystroke logging back to the
> central server. This is all done over an encrypted connection like SSL.
> Does anyone think it might be worth looking to move sudoscript into a
> client server type application?
>
> Regards
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: Jabber - The world's fastest growing
> real-time communications platform! Don't just IM. Build it in!
> http://www.jabber.com/osdn/xim
> _______________________________________________
> Sudoscript-devel mailing list
> Sud...@li...
> https://lists.sourceforge.net/lists/listinfo/sudoscript-devel
>

Howard Owen                      "Even if you are on the right
EGBOK Consultants                 track, you'll get run over if you
hb...@eg...    +1-650-339-5733  just sit there." - Will Rogers