Home page logo

basics logo Security Basics mailing list archives

Re: Mass Machine Login
From: Nick Owen <nickowen () mindspring com>
Date: Tue, 24 Jan 2006 11:31:36 -0500

Adam Kane wrote:
 Ryan Cummings wrote:
-----Original Message-----
From: Ryan Cummings [mailto:ryan.r.cummings () gmail com] 
Sent: Tuesday, January 17, 2006 10:06 PM
To: security-basics () securityfocus com
Subject: Mass Machine Login

I've been beating my brains out trying to find a solution for this but
can't.  Has anyone seen software or a script that will allow you to send a
login to multiple machines at one time?  Say for an entire room, for sake of
an example, has 75 computers all on the same vlan and we would like to login
to all the computers without touching each one of them individually with a
specified username.

I feel having the same login/password on all 75 computers is a bad
security practice.

Are you talking about logging into all the computers via SSH or FTP or
something like that or are you talking about having the computers
automatically log in when booted?

Here's a thought (maybe not well thought-out ;):  Could you set up a SSH
'gateway' box that acted as an SSH-agent for the other boxes and proxied
requests to the other servers?

So, the gateway box would have private keys for all the users on all the
other boxes, which would only require key authentication.  The gateway
box would also require a password or strong authentication.  Perhaps you
could only allow SSH logins from the gateway IP or lock it down in some
similar manner?  Effectively the users login once to the gateway box and
then have access to all the others.  Does that make sense?


Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
At last, two-factor authentication, without the hassle factor
Now open source: http://sourceforge.net/projects/wikid-twofactor/

The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]