[ILUG] SCP
Conor Daly
conor.daly at oceanfree.net
Thu May 16 19:25:46 IST 2002
Somebody on the secureshell list suggested this...
> Can anyone tell me if it's possible to run the sftp subsystem, but
disallow
> interactive logins?
http://www.snailbook.com/faq/restricted-scp.auto.html
Someone else said...
>
> Give sftp-server as the users shell.
More generally, I think you can use a restricted shell that accepts
commands to run via the -c argument, like standard shells, but
will only run a few selected commands, like say, sftp-server and ls
The sendmail restricted shell "smrsh" might be adapted for this
porpose, or you could write a perl script (be careful about shell
metacharacters, and pass lists to system or exec, not strings.)
Conor
--
Conor Daly <conor.daly at oceanfree.net>
Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
5:01pm up 24 days, 22:40, 1 user, load average: 0.19, 0.05, 0.01
Hobbiton.cod.ie
4:09pm up 23 days, 6:36, 2 users, load average: 0.05, 0.06, 0.07
More information about the ILUG
mailing list