Cisco like Command Line Interace for LFS
ghovs at plex.nl
Mon Nov 10 05:01:29 PST 2003
Keith Hayes wrote:
>Dear Cool People,
>I am building a security appliance based on LFS and need to have my users
>login via ssh to make system changes like change IP, stop/start services,
>I would like to achieve a "Cisco Like" interface that provides a menu with
>a mimimal number of options. Is this just a modified shell (bash..) and a
>chrooted system or is more too it. Or is there already a package or hint
>regarding this subject?
>Any help would be greatly appreciated.
>Thanks very much.
I'm not sure if you want this, or if you even could, but if you were to
do it over https, I would immediately think of webmin.
It can limit priviliges in a nice and modular way, isn't too much hassle
to set up, and you can even give it very pretty pictures.
Otherwise, if you stick to a shell environment, I'm afraid you'll have
to develop something which doesn't do anything webmin doesn't, and takes
you a long time to verify as being secure. I certainly can't come up
with some package already existing out there.
As a sidenote to that, you might want to google for SELinux, which may
offer you some of the features you would need when doing this sort of
thing to a shell.
Peter de Freitas
More information about the lfs-security