Re: Allowing scp access only

From: Nico Kadel-Garcia (nkadel@bellatlantic.net)
Date: 02/04/03


From: "Nico Kadel-Garcia" <nkadel@bellatlantic.net>
Date: Tue, 04 Feb 2003 01:18:51 GMT


"Paul A Sand" <pas@granite.unh.edu> wrote in message
news:slrnb3sr68.1ho.pas@granite.unh.edu...
> In article <qGq%9.151$u13.599@news13-win.server.ntlworld.com>,
> John Hetherington wrote:
> > Is it possible to disable ssh access and only allow scp access. It is
for an
> > upload facility so we don't want to provide shell acess.
>
> There are at least a couple of projects out there that help do this:
>
> rssh (http://www.pizzashack.org/rssh/)
> scponly (http://www.sublimation.org/scponly/)
>
> It's not easy, as both pages describe. Also, commercial SSH
> has this capability built in, or so the scponly page above claims.
>
> We use scponly here (with OpenSSH), although we don't pretend that it
> would stop a determined user from getting a shell.

A chroot cage might be a useful trick, and trying to restrict them to sftp
access only instead of scp.



Relevant Pages

  • Re: Allowing scp access only
    ... > Is it possible to disable ssh access and only allow scp access. ... > upload facility so we don't want to provide shell acess. ...
    (comp.security.ssh)
  • Allowing scp access only
    ... Is it possible to disable ssh access and only allow scp access. ... upload facility so we don't want to provide shell acess. ...
    (comp.security.ssh)