Re: openssh: Enabling sftp, but disabling ssh?



Hi,
I came across something which could be the solution for your problem in the
subversion manual, see

http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sshtricks

they basically use the authorized keys file for a single user to authenticate
multiple users. Then there is an option to restrict the invoked commands. I
however do not know about any further documentation of this feature.

Best,
Jan Metzger


Am Dienstag, 5. September 2006 15:25 schrieb Mark Holden:
Does anybody know if it's possible, using openssh, to allow file
transfer to/from a machine, using sftp, for a specific userid, and
disallow ssh login/remote command execution for that same userid? Other
userids on the machine should be unaffected.

We would like to create a user which has a home directory and r/w access
to a specific dropbox directory (possibly event make the dropbox the
home directory for the user). All attempts to play with /etc/passwd and
retricted bash have been in vain, and I haven't been able to see any
config options in sshd_config for it. No luck googling on it either--it
does appear others have tried this and in some cases have some kind of
hacked-up setup (partially?) working. I'm looking for a more standard
solution.

Any help is greatly appreciated...

Thanks,
Mark