[114252] in cryptography@c2.net mail archive
Re: two-person login?
daemon@ATHENA.MIT.EDU (Philipp =?iso-8859-1?q?G=FChring?=)
Tue Jan 29 20:53:34 2008
From: Philipp =?iso-8859-1?q?G=FChring?= <pg@futureware.at>
To: John Denker <jsd@av8n.com>
Date: Wed, 30 Jan 2008 02:14:55 +0100
Cc: cryptography@metzdowd.com
In-Reply-To: <479E5D8B.3050406@av8n.com>
X-MDaemon-Deliver-To: cryptography@metzdowd.com
Hi,
> I have been asked to opine on a system that requires a
> "two-person login". Some AIX documents refer to this as
> a "common method of increasing login security"
> http://www.redbooks.ibm.com/redbooks/pdfs/sg245962.pdf
I would like to have a two-person remote login:
The server is in the datacenter, two sysadmins login remotely (SSH or=20
something similar), and the login only works if both are there. As soon as=
=20
either one drops the connection, the other one is frozen too.
They should see what each other is doing (key-press logging of the other ad=
min=20
in the bottom line)
(In case they detect the other sysadmin doing something evil, they can simp=
ly=20
disconnect, which also disconnects/freezes the other one)
I would be happy about such an implementation in a SSH server.=20
(combined with screen perhaps ...)
Best regards,
Philipp G=FChring
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
