Re: limiting shell access with ssh, allowing sftp

From: Burak Bilen (bilen_at_metu.edu.tr)
Date: 03/26/04

  • Next message: Tony_Schloss_at_ao.uscourts.gov: "Re: limiting shell access with ssh, allowing sftp"
    Date: Fri, 26 Mar 2004 11:59:00 +0200
    To: Lech Lobocki <Lech.Lobocki@is.pw.edu.pl>
    
    

    with ssh-3.2.9 you set the user's shell as
    /usr/local/bin/ssh-dummy-shell (or whatever your path) instead of
    /bin/bash or /bin/sh. Then this user can only use sftp; no shell access.
    I hope the same thing applies to openssh.

    Lech Lobocki wrote:

    > Hi,
    > I would like to disable remote shell access via OpenSSH for a certain
    > group of users, while still
    > allowing them to use the sftp service. Is there a way to do so?
    >
    > Lech Lobocki,
    > Warsaw University of Technology
    >


  • Next message: Tony_Schloss_at_ao.uscourts.gov: "Re: limiting shell access with ssh, allowing sftp"

    Relevant Pages

    • Mixing Public Key and Password authentication
      ... I am looking at installing SSH on a file server to provide SFTP and ... I have noticed that several of the SFTP clients on the market, ... Contribute, etc), do not provide to option of authenticating via Public Key. ... what I would like to do is only provide shell access to users ...
      (comp.security.ssh)
    • Re: Want unusual config...
      ... > SFTP in using sftp-server, and have their home directory appear to be the ... > there is no reason for them to need shell access to the server. ... You may need a chroot cage. ... chroot tools built into it, you can easily manage quite a secure little set ...
      (comp.security.ssh)
    • Re: shell access
      ... > how can I set up ftp accounts for certain users so that they can only ... > have ftp access using sftp, ... to copy files off of via scp, without providing shell access, you can use ... Good judgement comes with experience. ...
      (SSH)
    • Want unusual config...
      ... In addition, I'd like *all* users (except root, of course) to be able to ... root of their FTP account. ... In other words, for most users I only want to allow SFTP connections, since ... there is no reason for them to need shell access to the server. ...
      (comp.security.ssh)
    • RE: shell access
      ... have /bin/nologin entry in /etc/shells ... only have ftp access using sftp, but not shell access? ...
      (SSH)