[Freebsd-security] Re: Multi-User Security
Lupe Christoph
lupe at lupe-christoph.de
Mon Jun 14 12:44:37 GMT 2004
On Monday, 2004-06-14 at 12:38:58 +0100, Bruce M Simpson wrote:
> On Wed, Jun 09, 2004 at 07:52:23AM -0700, Crist J. Clark wrote:
> > To do scp-only, you either need (a) a hacked up sshd(8) daemon, (b) a
> > jailed environment, or (c) a special shell for the user that only allows
> > scp(1) to run. The funny thing is, I think (c) is probably the easiest
> > to implement on a mass scale, but seems to be the option most seldom
> > considered.
> ports/shells/scponly
That's a liiiitttle short. ;-)
scponly covers both (b) as scponlyc and (c). It works with scp, sftp,
WinSCP, gftp and (IIRC) rsync. Great tool.
Lupe Christoph
--
| lupe at lupe-christoph.de | http://www.lupe-christoph.de/ |
| "... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity |
| Home for Badgers with Rabies. Michael Lucas |
More information about the freebsd-security
mailing list