From owner-freebsd-questions@FreeBSD.ORG Thu Mar 30 13:55:02 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 16D2516A401 for ; Thu, 30 Mar 2006 13:55:02 +0000 (UTC) (envelope-from erik.norgaard@atosorigin.com) Received: from aomailrelay01.atosorigin.es (aomailrelay01.ATOSORIGIN.ES [212.170.156.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 28A3043D46 for ; Thu, 30 Mar 2006 13:55:00 +0000 (GMT) (envelope-from erik.norgaard@atosorigin.com) Received: from conversion-daemon.aomailrelay01.atosorigin.es by aomailrelay01.atosorigin.es (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)) id (original mail from erik.norgaard@atosorigin.com) for questions@freebsd.org; Thu, 30 Mar 2006 16:09:30 +0200 (Romance Daylight Time) Received: from kubrick.es.int.atosorigin.com (fodo.es.int.atosorigin.com [172.24.0.99]) by aomailrelay01.atosorigin.es (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)) with SMTP id for questions@freebsd.org; Thu, 30 Mar 2006 16:07:32 +0200 (Romance Daylight Time) Received: From mailmad05.es.int.atosorigin.com ([172.24.0.162]) by kubrick.es.int.atosorigin.com (WebShield SMTP v4.5 MR2) ; id 1143726957421; Thu, 30 Mar 2006 15:55:57 +0200 Received: from [172.24.8.84] by mailmad05.atosorigin.es (iPlanet Messaging Server 5.2 HotFix 1.26 (built Mar 31 2004)) with ESMTPA id for questions@freebsd.org; Thu, 30 Mar 2006 15:54:10 +0200 (Romance Daylight Time) Date: Thu, 30 Mar 2006 15:52:52 +0200 From: Erik Norgaard To: questions@freebsd.org Message-id: <442BE2B4.601@atosorigin.com> Organization: Atos Origin, Spain MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=UTF-8 Content-transfer-encoding: 7BIT User-Agent: Thunderbird 1.5 (X11/20060118) Cc: Subject: ssh-tunnel only accounts X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2006 13:55:02 -0000 Hi: How do I add a user such that he can only establish a tunnel to some other service running on the host? that is, what shell do I need? Is there a way to restrict further what services they can connect to? Thanks, Erik -- Atos Origin, Madrid Phone: +34 91 214 8617 ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente. Pueden estar protegidos por secreto profesional Si usted recibe este correo electronico por error, gracias de informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus ------------------------------------------------------------------