This has probably been asked somewhere but I can’t find it for the life of me.
I am currently setting up a server machine, and I want to make it so that only computers which are directly SSH’ing into the server and have an authorized key can get in. I’ve already gotten the keys to work, but I don’t know how I should go about making sure that people can’t multi-hop their way into the server machine. I want to know:
- Is it even possible to disable multi-hopping by only changing settings on the server machine?
- If it is, how do I go about doing it?
- If not, what other options do I have to achieve what I’m trying to do?
I don’t believe it’s possible by only changing settings on the server.
If your server is called `server` and another machine on your network is called `aux`, then you need to disallow the following multi-hop methods, probably others as well:
- `ssh -t aux ssh server`
- `ssh -o ProxyCommand='ssh aux /usr/bin/nc %h %p' server`
- `ssh -N -L 2222:server:22 aux & ssh -p 2222 localhost`
So you need to ensure that
- `ssh` when run on any other machine on your network will refuse to connect to `server`, except when the user is logged in locally (not via ssh)
- `AllowAgentForwarding` is set to `no` on all other machines on your network (“… not improve security unless users are also denied shell access, as they can always install their own forwarders”)
- `AllowTcpForwarding` is set to `no` on all other machines on your network (“… security unless users are also denied shell access, as they can always install their own forwarders”)
This may be a bit much.
Perhaps you can keep the private keys embedded on hardware tokens that may not leave the building? This is beyond the limits of my experience, though.
You should get a better answer if you ask at ServerFault.com, and hopefully your question will be migrated there soon.
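An added example, not part of the original answer: a small Python check for the two `sshd_config` settings the answer lists, run over the config text of an intermediate host such as `aux`. The sample configs and function names are constructed for illustration; it reads only the global section and flags `Match` blocks for manual review.

```python
import re

# OpenSSH defaults when a keyword is absent from sshd_config.
DEFAULTS = {"allowtcpforwarding": "yes", "allowagentforwarding": "yes"}
# AllowTcpForwarding values that still permit `ssh -L` (local) forwarding.
PERMITS_LOCAL_FORWARD = {"yes", "all", "local"}

# Constructed sample configs for the hypothetical intermediate host "aux".
SAMPLE_WEAK = """\
# sshd_config on aux
Port 22
allowtcpforwarding local
AllowTcpForwarding no
PasswordAuthentication no
"""
SAMPLE_HARDENED = "AllowTcpForwarding no\nAllowAgentForwarding=no\n"


def effective_settings(config_text):
    """Global values of both keywords; sshd keeps the first value it reads."""
    seen, has_match = {}, False
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":  # everything below is a conditional override
            has_match = True
            break
        if keyword in DEFAULTS and keyword not in seen and len(parts) > 1:
            seen[keyword] = parts[1].strip().strip('"').lower()
    return {**DEFAULTS, **seen}, has_match


def audit(host, config_text):
    """List the forwarding settings on `host` that leave a hop open."""
    cfg, has_match = effective_settings(config_text)
    findings = []
    if cfg["allowtcpforwarding"] in PERMITS_LOCAL_FORWARD:
        findings.append(f"{host}: AllowTcpForwarding={cfg['allowtcpforwarding']} "
                        "permits the -L 2222:server:22 tunnel")
    if cfg["allowagentforwarding"] != "no":
        findings.append(f"{host}: AllowAgentForwarding is not 'no'")
    if has_match:
        findings.append(f"{host}: Match blocks present, review them by hand")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit("aux", text))
```

It covers only the forwarding settings; the `ssh -t aux ssh server` and `ProxyCommand` hops run as ordinary shell commands on `aux` and are untouched by them, which is the caveat the answer quotes.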