[ale] Restricting users to sftp
Jim Kinney
jim.kinney at gmail.com
Thu May 28 10:29:01 EDT 2015
Ah. Read the mailing list threads. Not quite abandoned but pretty much
so.
Maybe a RedHat or SuSe team can pick it up as their commercial stuff
benefits from the security aspects of rssh.
On Thu, 2015-05-28 at 14:09 +0000, Beddingfield, Allen wrote:
> For years now, we have been using RSSH to restrict users to sftp-only
> on our web servers.
> http://www.pizzashack.org/rssh/
> Unfortunately, this is pretty much an abandoned project, now.
> The way it works is that you just change the user’s shell to rssh, and
> sftp/scp is the only thing allowed. You can also set a umask in the
> rssh.conf file in /etc
> I’m looking for a way to do this without using RSSH. I see
> instructions for sftp-only/chroot for OpenSSH,but that seems a little
> much for what we are wanting to accomplish. My only goal is the
> prevent shell access – I don’t need the chroot setup.
> Any clever ideas?
> Thanks.
> Allen B.
> --
> Allen Beddingfield
> Systems Engineer
> The University of Alabama
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
--
James P. Kinney III
Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
http://heretothereideas.blogspot.com/
More information about the Ale
mailing list