[TriEmbed] need some specific help tonight

Robert Gasiorowski rgresume at gmail.com
Mon Oct 9 13:08:59 CDT 2017 

Sorry, both public keys go to authorized_keys on the server, not private.

On Mon, Oct 9, 2017 at 2:07 PM, Robert Gasiorowski <rgresume at gmail.com>
wrote:

> Instead of password, why don't you use rsa keys? That way, you don't have
> to give your password away.
> Create two sets of rsa keys, one for you and one for the user, then add
> both private keys to authorized_keys on the server, you keep your private
> key, and the user will get the second private key.
>
> On Mon, Oct 9, 2017 at 1:51 PM, Pete Soper via TriEmbed <
> triembed at triembed.org> wrote:
>
>> Folks,
>>   I have a problem that is off topic, but there is past precedent for us
>> helping each other with whatever. I'm hoping somebody can sit with me and
>> my laptop for a few minutes at tonight's meeting and help me implement a
>> secure but strictly limited access scenario with my personal domain server.
>>
>>   I have a git repo on my personal domain server and can push/pull
>> remotely using my user account id and password on a server running an old
>> version of CentOS (2.6 kernel).
>>
>>   What I need is to enable alternate access by a second party where the
>> person doing the access a) cannot use it for anything except a git push or
>> pull, b) uses a different password from my regular one, and c) can
>> instantly lose this access if I'm told by my ISP that this dog won't hunt
>> in regards to his terms of service.
>>
>>   My simple minded understanding of this is that I need to arrange a
>> second ssh password, which I think I can figure out, and somehow only allow
>> that password to be used for git commands (which I have no clue about). I
>> think this latter detail is either impossible without a second user account
>> on the server, and that isn't an option, or else with some additional
>> authentication magic that recognizes my regular password and proceeds or
>> this other password that redefines PATH or something to make all but git
>> inaccessible. Or maybe somebody knows of a virtually nearby log I can fall
>> over.
>>
>>
>> -Pete
>>
>>
>> _______________________________________________
>> Triangle, NC Embedded Computing mailing list
>> TriEmbed at triembed.org
>> http://mail.triembed.org/mailman/listinfo/triembed_triembed.org
>> TriEmbed web site: http://TriEmbed.org
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.triembed.org/pipermail/triembed_triembed.org/attachments/20171009/3e7f3e98/attachment.htm>

More information about the TriEmbed mailing list