Limiting a user to scp and not ssh
Bill Warner
plug-discuss@lists.plug.phoenix.az.us
20 Jun 2002 09:41:07 -0700
Your probably better off just setting there shell to /bin/false in
/etc/passwd.
If there is every any kind of security hole in scp that someone could
exploit they could get in to your box with your current setup.
Bill Warner
On Wed, 2002-06-19 at 18:48, Matt Alexander wrote:
> I'm trying to configure a box so people can scp files to it, but can't
> actually ssh in. I created a script named scpsh with this in it:
>
> #!/bin/sh
> #
> exec /usr/bin/scp -t $HOME
>
>
> Then I added scpsh to /etc/shells and made it their shell in
> /etc/passwd.
> So now users can use scp to copy files over just fine, but when they try
> to ssh, it sits there until they hit a key, at which point they get:
>
> scp: protocol error: unexpected <newline>
> Connection to 1.2.3.4 closed.
>
>
> Is this the best way to handle this? Is there a better way that anyone
> knows of?
> Thanks,
> ~M
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
> post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--
Bill Warner
Unix/Linux Admin.
Direct Alliance Corporation
Company required stuff:
Contents are Direct Alliance Corporation Confidential
This message is for the designated recipient(s) only and contains
Direct Alliance Corporation privileged and confidential information.
If you have received it in error, please notify the sender immediately
and delete the original. Any other use of this email is prohibited.