[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnu-arch-users] Re: restricted shell (sftp) for gnuarch ?
From: |
Andreas Rottmann |
Subject: |
[Gnu-arch-users] Re: restricted shell (sftp) for gnuarch ? |
Date: |
Wed, 01 Dec 2004 18:29:19 +0100 |
User-agent: |
Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux) |
Eric Seigne <address@hidden> writes:
> Hello,
> i'm sorry to bother you but i don't find how to restrict my ssh/sftp
> shell for arch repositories !
>
> here is my situation:
> user eric: full ssh and sftp access
> 3 others users: full ssh and sftp access
> user eric_arch: access sftp only, and jail into /home/arch/
>
> i don't know how to make it !
>
> with cvs i used /bin/grap as shell or /bin/cvssh.pl but i can't find the
> same thing for gnuarch repositories !
>
Maybe rssh or scponly are what you look for?
Package: rssh
Description: Restricted shell allowing only scp, sftp, cvs, rsync and/or rdist
rssh is a restricted shell to be used as a substitute of the login
shell to allow users to perform only scp/sftp/cvs/rsync,rdist
operations.
.
The security implications are high, so the home directories have
to be set following the instructions provided.
Package: scponly
Description: Restricts the commands available to scp- and sftp-users
"scponly" is an alternative 'shell' (of sorts) for system
administrators who would like to provide access to remote users to
both read and write local files without providing any remote
execution priviledges. Functionally, it is best described as a
wrapper to the mostly trusted suite of ssh applications.
HTH, Rotty
--
Andreas Rottmann | address@hidden | address@hidden | address@hidden
http://yi.org/rotty | GnuPG Key: http://yi.org/rotty/gpg.asc
Fingerprint | DFB4 4EB4 78A4 5EEE 6219 F228 F92F CFC5 01FD 5B62
Python is executable pseudocode, Perl is executable line-noise.