allowing scp but not ssh (here's how) (WHOOPS)
Scott Prive
Scott.Prive at storigen.com
Tue Jul 30 10:02:12 EDT 2002
Sorry! I see my mistake in my response (LOL... .ssh/foo ???). I need more coffee, and I'll try this test again "for real", after lunch, and include my results.
Cheers,
Scott
-----Original Message-----
From: Alex Pennace [mailto:alex at pennace.org]
Sent: Monday, July 29, 2002 8:53 PM
To: Scott Prive
Cc: Struts User; discuss at blu.org
Subject: Re: allowing scp but not ssh (here's how)
On Mon, Jul 29, 2002 at 09:45:25AM -0400, Scott Prive wrote:
> Ah yes, sorry, I *did* intend to copy in the source if the refusal message. :-)
>
> Here's what you'd add. There could be something else to this, but I didn't see any symlink trickery.
>
> This setup allows specific users (determined by their login shell). Out of curiosity, I have not found any way to defeat this, if my only "account" is one of these rbash-designated accounts.
>
> # cat /etc/ssh/sshrc
[snip]
/etc/ssh/sshrc is executed only when ~/.ssh/rc doesn't exist (at least
that's how my sshd works). Make a zero-length ~/.ssh/rc.
More information about the Discuss
mailing list