Date: Sun, 27 Jun 2004 00:13:20 +0200 From: Geert Hendrickx <geert.hendrickx@ua.ac.be> To: Rob <stopspam@users.sourceforge.net> Cc: freebsd-questions@freebsd.org Subject: Re: Configure ssh to behave like rsh. How? Message-ID: <20040626221320.GA6187@lori.mine.nu> In-Reply-To: <40DBCA04.30203@users.sourceforge.net> References: <40DBCA04.30203@users.sourceforge.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 25, 2004 at 03:45:24PM +0900, Rob wrote: > > Hi, > > I have a cluster of PCs, on which the 'slaves' used to only allow rsh > connections, to execute commands, but no logins. > > I have removed the r-commands, and want to use the ssh command family > instead. Although 'ssh slaveN command' works fine, this also allows login > to the slave PC, simply by typing 'ssh slaveN'. > > How can I configure sshd, so that it will allow remote command execution, > but will refuse logins? > > Thanks, > Rob. I'd say you could give the users no shell (if they shouldn't have shell access to the machine in any other way), by setting their default shell to /sbin/nologin. You can do that with the chsh(1) command. Then again, they may still be able to start a shell with 'ssh <remote-machine> tcsh' so maybe you should chmod /bin/sh and /bin/tcsh to 550. GH
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040626221320.GA6187>