[ale] Best way to disable command-line access?
Eric Hunter Eidson
hunter at gpc.edu
Thu Oct 5 14:08:04 EDT 2006
I've had good luck (although I've only used it for a couple of accounts)
using a shell replacement called rssh (http://www.pizzashack.org/rssh/). It
allows you to restrict access to only scp and/or sftp (it also has the
ability to allow rdist, rsync, and cvs).
Hope this helps...
--Hunter
On Thu, Oct 05, 2006 at 01:42:29PM -0400, Allan Metts wrote:
> Hi everyone,
>
> What's the best way to preserve the ability to transfer files with scp,
> but PREVENT someone from using those same ssh credentials to get to a
> command line? This is for a single user only -- other users of the same
> server should be able to log in as usual.
>
> I tried usermod -s <a_script_that_does_nothing> <user>, but this seems to
> prevent scp file transfers as well.
>
> Is there a user-specific ssh config setting that does this? Any other
> ideas?
>
> Thanks in advance, Allan
--
=================================================================
Random Quote of the Day for Thursday, October 05, 2006
Why is "easy listening" so hard to listen to?
=================================================================
Hunter Eidson || _/_/_/_/ _/_/_/_/ _/_/_/_/
PureMessage & UNIX Admin || _/ _/ _/ _/
Georgia Perimeter College || _/ _/_/ _/_/_/_/ _/
Senior Systems Admin, OIT || _/ _/ _/ _/
Phone: 678-891-2502 || _/_/_/_/ _/ _/_/_/_/
=================================================================
More information about the Ale
mailing list