what="official NYCBUG announcement">

Date: Mon, 04 Aug 2008 13:31:21 -0400
To: announce@lists.nycbug.org
From: NYC*BUG Announcements
Subject: [announce] NYC*BUG: Wednesday on Public Key sudo

August 06, 2008
Public Key sudo

6:30pm, Suspenders Restaurant

Two tools which have become the norm in Linux- and Unix-based
environments are SSH for secure communications, and sudo for performing
administrative tasks. These are independent programs with substantially
different purposes, but they are often used in conjunction. In this
talk, I describe a flaw in their interaction, and then present our
solution called public-key sudo.

Public-key sudo is an extension to the sudo authentication mechanism
which allows for public key authentication using the SSH public key
framework. I describe our implementation of a generic SSH authentication
module and the sudo modifications required to use this module.


Matthew Burnside is a Ph.D. student in the Computer Science department
at Columbia University, in New York. He works for Professor Angelos
Keromytis in the Network Security Lab (http://nsl.cs.columbia.edu/). He
received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His
research interests are in network anonymity, trust management, and
enterprise-scale policy enforcement.
announce mailing list