Date: Fri, 25 Apr 2008 19:50:47 +0000 (UTC) From: D Hill <d.hill@yournetplus.com> To: freebsd-questions@freebsd.org Subject: Re: restrict ssh access Message-ID: <alpine.BSF.1.10.0804251943250.62384@duane.dbq.yournetplus.com> In-Reply-To: <472410BF12BC19695178209A@utd65257.utdallas.edu> References: <1209131161.14700.4.camel@puk> <BCBF8C55-3A54-4DA7-AC76-32A217EFB4FB@mac.com> <alpine.BSF.1.10.0804251635570.60886@duane.dbq.yournetplus.com> <472410BF12BC19695178209A@utd65257.utdallas.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 25 Apr 2008 at 14:30 -0500, pauls@utdallas.edu confabulated: > --On Friday, April 25, 2008 16:41:07 +0000 D Hill <d.hill@yournetplus.com> > wrote: > >> On Fri, 25 Apr 2008 at 09:30 -0700, cswiger@mac.com confabulated: >> >>> On Apr 25, 2008, at 6:46 AM, Geert Geurts wrote: >>>> I've got a server running a ssh server, I want to enable ssh for the use >>>> of sftp by a group of users, and limit their ssh access to just allow >>>> running passwd so they can change their default password. What whould be >>>> the best/easiest way to acomplish this, or something similiar? >>> >>> I wonder what would happen if you gave them a shell of >>> "/usr/bin/passwd"...? >>> :-) >> >> That should work. I just tested. When an ssh connection is made, it >> executes >> passwd. As soon as the password is changed, the ssh connection was closed: >> >> %ssh -l asdf 192.168.1.50 >> Password: >> ... >> Changing local password for asdf >> Old Password: >> New Password: >> Retype New Password: >> Connection to 192.168.1.50 closed. > > Should make for some fascinating experiences with sftp. :-) I believe the connecton would just close. Somehow I missed that sftp part :-(
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.10.0804251943250.62384>