[ale] Restricting users to sftp
Jerald Sheets
questy at gmail.com
Thu May 28 10:30:59 EDT 2015
You can use /etc/security/access.conf to eliminate shell altogether while allowing specific services on an ad-hoc basis.
Jerald Sheets
questy at gmail.com
> On May 28, 2015, at 10:24 AM, Jim Kinney <jim.kinney at gmail.com> wrote:
>
> No details emerge from my memory but I think there's a way to use PAM to
> decide what shell based on access method. By defining nologin as a
> default shell for all users that will also block pretty much everything.
> Maybe a really stripped down busybox with nothing more than ls and cd?
>
> rssh is still in the main repo for Fedora 21. Yeah, not updated for a
> long time but looks stable enough.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.ale.org/pipermail/ale/attachments/20150528/9f300402/attachment.sig>
More information about the Ale
mailing list