Date: Thu, 17 Feb 2005 10:53:55 +0100 From: Eilko Bos <tafkam@brasapen.org> To: ???????????? ?????? <jamper@mosline.ru> Cc: freebsd-questions@freebsd.org Subject: Re: login permission over scp Message-ID: <20050217095355.GB16854@webmail.home.brasapen.org> In-Reply-To: <111442689.20050217114211@mosline.ru> References: <111442689.20050217114211@mosline.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, >From the keyboard of ???????????? ??????, written on Thu, Feb 17, 2005 at 11:42:11AM +0300: > i need only secure copy, but must give full user shell to user user1@A > on host B. if attaker take control of A, he can shell to user@b > > setting /sbin/nologin to shell user@B- scp not work > > what can i do to reduce permission user@b You can use rssh from the ports: $ cat /usr/ports/shells/rssh/pkg-descr rssh is a Restricted Secure SHell that allow only the use of sftp or scp. It could be use when you need an account (and a valid shell) in order to execute sftp or scp but when you don't want to give the possibility to log in to this user. WWW: http://www.pizzashack.org/rssh/index.shtml - enigmatyc enigmatyc@laposte.net $ Grtz, -- Eilko.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050217095355.GB16854>