Limiting a user to scp and not ssh

[Matt Alexander]

I'm trying to configure a box so people can scp files to it, but can't
actually ssh in.  I created a script named scpsh with this in it:

#!/bin/sh
#
exec /usr/bin/scp -t $HOME


Then I added scpsh to /etc/shells and made it their shell in /etc/passwd.
So now users can use scp to copy files over just fine, but when they try
to ssh, it sits there until they hit a key, at which point they get:

scp: protocol error: unexpected <newline>
Connection to 1.2.3.4 closed.


Is this the best way to handle this?  Is there a better way that anyone
knows of?
Thanks,
~M