Re: CVS over ssh question

From:
Date: 09/05/02


Date: Thu, 5 Sep 2002 16:22:26 +0000 (UTC)

On Wed, 04 Sep 2002 17:12:28 -0000,
    Tom Maddox <tmaddox@grace.speakeasy.net> wrote:
> Hi, all,
>
> Sorry for the cross-post, but I've got an obscure question, and I'm not sure
> what the best forum for it is.
>
> Here's the scenario:
> The company I'm at wants a remote group of developers to be able to access
> our CVS repository securely over an encrypted connection, to which end I've
> set up ssh tunneling. I've got that working fine, but another requirement
> has been put on me, namely that the remote developers not be allowed shell
> access to the CVS machine, and I can't figure out a good way to accomplish
> that while still allowing CVS access over ssh.
>
> I've tried using /bin/false as a shell as well as a simple text file
> containing an error message, but both cause ssh to return an error code and
> drop the connection. Basically, it seems like I need a shell that will do
> nothing while a user is connected. Anyone have a suggestion?
>
You could set up a vpn connection using pppd via ssh - set their shell to
/usr/sbin/pppd

You either need to use sudo or mess with groups and modes on pppd
chgrp vpn /usr/sbin/pppd
chmod 4750 /usr/sbin/pppd

etc.

Regards,

Tim.

-- 
God said, "div D = rho, div B = 0, curl E = - @B/@t, curl H = J + @D/@t," 
and there was light.

http://tjw.hn.org/ http://www.locofungus.btinternet.co.uk/



Relevant Pages

  • Re: CVS over ssh question
    ... Tom Maddox wrote: ... > has been put on me, namely that the remote developers not be allowed shell ... > access to the CVS machine, and I can't figure out a good way to accomplish ... > that while still allowing CVS access over ssh. ...
    (comp.os.linux.security)
  • Re: CVS over ssh question
    ... > access our CVS repository securely over an encrypted connection, ... > which end I've set up ssh tunneling. ... > developers not be allowed shell access to the CVS machine, ...
    (comp.os.linux.security)
  • CVS over ssh question
    ... our CVS repository securely over an encrypted connection, ... that while still allowing CVS access over ssh. ... I've tried using /bin/false as a shell as well as a simple text file ...
    (comp.os.linux.security)
  • Re: Connection timeouts with SSH and CVS
    ... >> I'm having problems using SSH and CVS at my work. ... they timeout before anything starts. ... SSH connection) just fine. ...
    (Debian-User)
  • Re: User tasks in ~/.logout
    ... It should happen at logout time. ... The user quits his work (shell "exit" or ending ... As users connect to the system per SSH, ... has logged out and terminated SSH connection ...
    (freebsd-questions)