[clug] Wanted: Developer to securely implement a restricted SSH shell
Steve Walsh
steve at nerdvana.org.au
Mon Jan 4 15:53:36 MST 2010
Nathan O'Sullivan wrote:
> I've posted the requirements off list, but to summarise: I need a way
> to let customers access their Xen domU console ("xm console $DOMAIN")
> over SSH, while doing our utmost to prevent the customer from doing
> anything else on the dom0.
Hating to take money away from list members, but would xen shell do what
you want?
http://www.xen-tools.org/software/xen-shell/
"The Xen shell is a simple console application which allows you to
easily allow a user to control multiple Xen instances, without the
overhead of a web-based control panel.
Using this shell users may:
* Boot/Shutdown their Xen guest.
* Reboot their Xen guest.
* Connect to the serial console of their runing Xen guest.
* Reimage their system to a pristine state, via xen-tools.
* Manipulate their reverse DNS information
* Change their login password.
The shell features command history, command completion, and integrated help.
It is ideal for a hosting company which wishes to offer Xen-based
"virtual machine" to clients. By using the xen-shell clients can
maintain their own instance, without needing to ask for support staff to
reboot/shutdown, or otherwise maintain the runnings system.
Security is improved since the client cannot gain access to the host
system, and can only control their instance, and not those belonging to
other clients."
--
--==--
Steve Walsh
RHCE
Vice President / SysAdmin Team member- Linux Australia
Networks and Technology - Linux.conf.au 2008
Evil Network bunny - Linux.conf.au 2009
Geek Emeritus (you fool! You glorious fool!) - Linux.conf.au 2010
I can neither confirm nor deny - Linux.conf.au 2011
More information about the linux
mailing list