[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Secure setup

From: Johnix
Subject: Re: [Duplicity-talk] Secure setup
Date: Sun, 19 Dec 2004 14:36:59 +0100
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

Mathias de Riese <address@hidden> writes:

C> Thomas Tempé (Johnix) wrote:
>>Should I set up a chrooted sshd on a non-standard port, with a
>>different /etc/passwd?
>>Should I create an account and mess with Pam so that the given user
>>cannot do anything else than use SCP?
> I did something similar, but not with PAM: I set up a user with a special
> script as shell. 

Not something I'd trust.

There are ways to gain a user's privileges without running his shell,
eg by using his mailbox, or an FTP account, or a web or Samba server
with $HOME access, or God knows what else.

Have fun,
Thomas Tempé

Attachment: pgpvtONvU1vv0.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]