In the back of my mind are the recent attacks against Google and others by the Chinese government. I keep asking myself how I would set up and defend against such attacks, and more importantly mitigate them. The end goal of this exercise, for me, is to limit Internet access to devices that have authenticated to the gateway/proxy. Thus when the user logs out of their workstation for the day and goes home, their computer is cut off from the Internet.
I’ve thought about using key based authentication. The trick is, if the system has a keyboard logger installed, then both the keys and the passphrase protecting the keys can be stolen. Harder than most, but not foolproof.
I’m thinking of a case where the user’s computer is compromised by someone external to the company. At this point my intent is to limit the ability of the computer to access the Internet. If the computer cannot talk with the Internet then the person who compromised the system cannot get data out of the company network.
At this point the solution in my head was to use authpf, ssh, and s/key. I would prefer that users not have a local password. Instead they can only use s/key to login. I also would prefer that users don’t have to type user:skey@host and instead just user@host and have s/key forced upon them. I created a new login class, a new user, and set s/key as the authentication method for the class. I assigned the user to the class. Then I ran ‘su - user’ and tried skeyinit, but the “user” then gets prompted for their password. Because their login class requires s/key, the password being requested is an s/key password. A catch-22. :(
If you’re reading this and have a suggestion or idea on how I might work around this or otherwise accomplish my goal, please leave a comment.