Date: Wed, 4 May 2011 20:04:59 +0400 From: Peter Vereshagin <peter@vereshagin.org> To: freebsd-questions@freebsd.org Subject: Re: Limitting SSH access Message-ID: <20110504160459.GB5327@external.screwed.box> In-Reply-To: <BANLkTinTG6koR3H-=6D%2BZxkh6cbYNPgcHw@mail.gmail.com> References: <07CAE521148F4E7392202CD6B031F504@jarasc430> <4DC139F7.9080109@infracaninophile.co.uk> <BANLkTinnErTDZYwsV8OgzRfbMTXoHzQeMw@mail.gmail.com> <BANLkTinSmbwOzya3we70Dn-RHb4Xg5sBwA@mail.gmail.com> <BANLkTinTG6koR3H-=6D%2BZxkh6cbYNPgcHw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Wake me up when September ends, freebsd-questions! 2011/05/04 16:47:33 +0100 Chris Rees <utisoft@gmail.com> => To krad : CR> > > > > Is it possible to limit the SSH access? CR> > > Regarding ssh login, I usually use "rbash" from the ports, that CR> restricts CR> Or you could have a special /bin-restricted that you nullfs mount into CR> ~userN/bin. I personally should like to have a quick recipe on how to create such a limited set of binaries ( libraries, mans, etc., each mounted with nullfs read-only to every such a user's home ) from the 'world' build. Some options like the rsync I consider to be a must in some cases so this should include the ports availability, isn't it? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110504160459.GB5327>