login permission over scp
Eilko Bos
tafkam at brasapen.org
Thu Feb 17 09:54:01 GMT 2005
Hi,
>From the keyboard of ???????????? ??????, written on Thu, Feb 17, 2005 at 11:42:11AM +0300:
> i need only secure copy, but must give full user shell to user user1 at A
> on host B. if attaker take control of A, he can shell to user at b
>
> setting /sbin/nologin to shell user at B- scp not work
>
> what can i do to reduce permission user at b
You can use rssh from the ports:
$ cat /usr/ports/shells/rssh/pkg-descr
rssh is a Restricted Secure SHell that allow only the use of sftp or scp.
It could be use when you need an account (and a valid shell) in order to
execute sftp or scp but when you don't want to give the possibility to log
in to this user.
WWW: http://www.pizzashack.org/rssh/index.shtml
- enigmatyc
enigmatyc at laposte.net
$
Grtz,
--
Eilko.
More information about the freebsd-questions
mailing list