From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 09:10:36 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 885C616A4DD for ; Mon, 21 Jun 2004 09:10:36 +0000 (GMT) Received: from pd5mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 35A4C43D58 for ; Mon, 21 Jun 2004 09:10:36 +0000 (GMT) (envelope-from peepstein@canada.com) Received: from pd5mr4so.prod.shaw.ca (pd5mr4so-qfe3.prod.shaw.ca [10.0.141.168]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZN005KDIHQ24@l-daemon> for freebsd-isp@freebsd.org; Mon, 21 Jun 2004 03:03:26 -0600 (MDT) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd5mr4so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0HZN00M9LIHR8W91@pd5mr4so.prod.shaw.ca> for freebsd-isp@freebsd.org; Mon, 21 Jun 2004 03:03:27 -0600 (MDT) Received: from interface.larch.local (S01060060670810b9.vc.shawcable.net [24.80.23.243]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZN00K2QIHQGQ@l-daemon> for freebsd-isp@freebsd.org; Mon, 21 Jun 2004 03:03:26 -0600 (MDT) Date: Mon, 21 Jun 2004 02:03:30 -0700 From: Edward Epstein In-reply-to: <40D35845.1050200@vwsoft.com> To: freebsd-isp@freebsd.org Message-id: <200406210203.30379.peepstein@canada.com> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit Content-disposition: inline User-Agent: KMail/1.6.2 References: <40D35845.1050200@vwsoft.com> Subject: Re: scp only connection X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: peepstein@canada.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 09:10:36 -0000 Hi Volker, there is a program called scponly that will do what you want. I believe that it is in the ports, but the URL is http://www.sublimation.org/scponly/ Cheers, Ed Thus spake Volker: >Hi! > >Does anybody know if it's possible to have a user scp'ing only on a >FreeBSD machine and deny ssh access? > >I've got an sshd running and want one user only use scp but disallow ssh >access. I've tried to set the shell to /bin/false but then even scp >won't be accessible (does anybody know why??). > >This machine does not have an ftpd installed (and I don't want to). > >Is there a way to restrict an ssh user to scp only? > >Thx, > >Volker > >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- "There are people who cheat on their spouse but not at cards, and vice versa, and both and neither. Reputation is not necessarily portable from one situation to another, and it's not easily expressed." --Clay Shirkey. (http://www.shirky.com/writings/group_enemy.html) "It has been said that man is a rational animal. All my life I have been searching for evidence which could support this." --Bertrand Russell. "The American empire is ideological, not territorial. We are the most ideological people in the world, and we are so united in our view that we don't understand there can be other views." --Lt. Gen. William Odom, ret. (Former Director of NSA).