Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 6 Jun 2004 23:38:55 -0700 (PDT)
From:      Doug Barton <DougB@FreeBSD.org>
To:        Dan Rue <drue@therub.org>
Cc:        "David E. Meier" <dev@eth0.ch>
Subject:   Re: [Freebsd-security] Re: Multi-User Security
Message-ID:  <20040606233720.F1850@ync.qbhto.arg>
In-Reply-To: <20040520033024.GA26640@therub.org>
References:  <20040518160517.GA10067@therub.org> <OPEPILILPLAKPFCNKOKAGEGHCBAA.remko@elvandar.org> <20040520033024.GA26640@therub.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 19 May 2004, Dan Rue wrote:

> You obviously havn't tried to chroot scponly users.. _that's_ the tricky
> part.  Especially if you want it to scale up beyond a handful of users.
> If i'm wrong - fill me in i'd love to hear how to do it.

Have you considered using ~/.ssh/authorized_keys to restrict the account 
from tty access? This would allow you to do commands (like scp) without 
the risk of the user getting an actual shell.

Doug

-- 

     This .signature sanitized for your protection



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040606233720.F1850>