Re: MAC-based ssh

To: Hans van Leeuwen <email@hanz.nl>
Cc: <debian-security@lists.debian.org>
Subject: Re: MAC-based ssh
From: Danny De Cock <godot@ulyssis.org>
Date: Fri, 2 May 2003 12:55:22 +0200 (CEST)
Message-id: <Pine.LNX.4.33.0305021252450.28594-100000@ace>
In-reply-to: <3EB247BC.6080600@hanz.nl>

hi,

using mac addresses for client authentication seems to me as an extremely
risky business as a mac address can easily be copied/cloned/spoofed...
imho, it does not offer any authentication at all...

g.

On Fri, 2 May 2003, Hans van Leeuwen wrote:

> Hello,
>
> My company has created an application that allows remote users to edit
> their DNS-records. This app needs to restart bind on the remote
> nameservers.
>
> I have decided to do this thrue SSH by putting the client key in
> authorized_keys2. But this seems a little risky, so I was wondering if
> it was possible to get sshd to only allow the client MAC-address.
>
> I've looked around, but for some reason search-engines tend to send me
> to www.apple.com ;-)
>
> Hans

Reply to:

Follow-Ups:
- Re[2]: MAC-based ssh
  - From: Kay-Michael Voit <debian@voits.net>
- Re: MAC-based ssh
  - From: Hans van Leeuwen <email@hanz.nl>

References:
- MAC-based ssh
  - From: Hans van Leeuwen <email@hanz.nl>

Prev by Date: MAC-based ssh
Next by Date: Re: MAC-based ssh
Previous by thread: MAC-based ssh
Next by thread: Re[2]: MAC-based ssh
Index(es):
- Date
- Thread