[ILUG] does scp need a shell?
Paul Jakma
paul at clubi.ie
Mon Apr 4 16:51:02 IST 2005
On Mon, 4 Apr 2005, Rob Gallagher wrote:
> So I'm thinking it requires some kind of login shell; would
> somthing like rbash do the trick or could I lock it down even
> further with a script that only allows the scp command to be
> executed?
It needs a shell yes.
Note that you can specify in the public key which commands a key is
allowed to run. See man sshd and look at the 'AUTHORIZED_KEYS FILE
FORMAT'. specifying 'no-pty' in the key used might do what you want,
i'm not sure what command scp runs, but if its something distinctive,
specifying command='whatever-command-it-is' might help lock it down
too.
additionally, there are restricted shells, as kevin mentioned.
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
Fortune:
Good advice is something a man gives when he is too old to set a bad
example.
-- La Rouchefoucauld
More information about the ILUG
mailing list