Re: Solaris 9 sftp-server
From: R.A.Owen (rao3@leicester.ac.uk)
Date: 04/09/03
- Previous message: David M. Fetter: "Re: Solaris 9 sftp-server"
- In reply to: David M. Fetter: "Re: Solaris 9 sftp-server"
- Next in thread: Darren J Moffat: "Re: Solaris 9 sftp-server"
- Reply: Darren J Moffat: "Re: Solaris 9 sftp-server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 9 Apr 2003 09:23:10 +0100 (BST) From: "R.A.Owen" <rao3@leicester.ac.uk>
> BAUMLER Julie L wrote:
> > We're using Sun's ssh sftp server on Solaris 9 for some (internal) customer
> > file tranfers. But, we don't want to allow these people to login or run
> > commands with ssh. The usual methods to restrict login (/bin/false, "exit"
> > in shell profile files, ...) block both or don't work. We need to be able
> > to track file reads and writes, so we need the BSM support of the Solaris
> > version of ssh. Has anyone else run across this?
Dose making /usr/lib/ssh/sftp-server the login shell work?
With openssh and rsa or dsa private key login I bound the private key to
only run /usr/lib/ssh/sftp-server (or openssh equiv). That seemed to
work. Dont give your "customer" the password to the account and then all
they can run is sftp! - maybe some variation of this may help.
Good luck
Alex Owen
- Previous message: David M. Fetter: "Re: Solaris 9 sftp-server"
- In reply to: David M. Fetter: "Re: Solaris 9 sftp-server"
- Next in thread: Darren J Moffat: "Re: Solaris 9 sftp-server"
- Reply: Darren J Moffat: "Re: Solaris 9 sftp-server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
