this post was submitted on 15 May 2024
25 points (96.3% liked)

Linux

48310 readers
645 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Problem: I want to remotely access my computer from untrusted computers like on friends house or at work.

Looking for: Remote desktop software (SSH is out of scope, as it could do commands in the background). Client should work in the browser or have portable binaries. Server should send some soft of 2FA before every connection without a way to remember it, so I could be safe in a case of a keylogger snooping on connection password. Not nessesary, but would be nice to have some sort of rate limiting for the inputs, so it won't be possible for some rubber-ducky style script to open terminal and run command before I could react.

you are viewing a single comment's thread
view the rest of the comments
[–] wildbus8979@sh.itjust.works 10 points 6 months ago* (last edited 6 months ago)

I'm not saying this to be smug, everything you listed here is things ssh can do if configured to do so... 2FA can be configured in various ways via PAM (namely yubikey being the superior method, but the possibilities are limitless). Banning non interactive shells can be done with something along the lines of:

ForceCommand    if [ "$SSH_ORIGINAL_COMMAND" ]; then echo "this server rejects non-interactive ssh usage" >&2; exit 1; else exec "$SHELL" -i; fi

Rate limiting is achievable via iptables/nftables.