allowing scp but not ssh (here's how)
Scott Prive
Scott.Prive at storigen.com
Thu Jul 25 16:40:03 EDT 2002
This works for me -- use rbash.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
$ ssh qatest at tower15
qatest at tower15's password:
We're sorry, but you do not have shell access to this machine.
Please contact the system administrator for support.
Connection to tower15 closed.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
$ scp cli.pl qatest at tower15:/sfs/qatest
qatest at tower15's password:
cli.pl 100% |************************************************************| 99476 00:00
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
NOW, since I can't ssh into the box as qatest...
$ ssh root at tower15 grep qatest /etc/passwd
root at tower15's password:
qatest:x:507:507:tower15a.storigen.com Account:/sfs/qatest:/bin/rbash
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
There's some rbash settings you might want to tweak (someone else did this, not me). I think that's all you need to get started... :-)
Scott Prive
-----Original Message-----
From: Struts User [mailto:struts_user at myrealbox.com]
Sent: Monday, July 22, 2002 5:04 PM
To: discuss at blu.org
Subject: allowing scp but not ssh
How do I configure my Redhat 7.3 box so that users can scp files but not
ssh into their accounts? I tried setting their shell field in
/etc/passwd to /bin/false or /sbin/nologin but both approaches also
denied scp access.
_______________________________________________
Discuss mailing list
Discuss at blu.org
http://www.blu.org/mailman/listinfo/discuss
More information about the Discuss
mailing list