Blocking port forwarding etc.
From: Richard Caley (_at_)
Date: 05/28/03
- Next message: Mike: "Re: openssh only in one direction"
- Previous message: Richard Caley: "Re: authorized_keys and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 May 2003 07:52:01 GMT
Is it possible to block port forwarding and do other such things which
can be done in the authorised-keys file on a per-user basis but for
password logins?
I have an account which I use purely to connect to CVS. This is
currently set up lines in authorized-keys which enforce that command
and block port forwarding.
However, it is occasionally useful to check something out of CVS onto
a machine where it would be convinient just to use a password to
access, rather than setting up a key for one session and then removing
it.
It would be nice to be able to allow password access with the same
kind of restrictions I can impose on public key authorisation.
The only option I see is to install a restricted shell for the user,
but that won't block port forwarding.
--
Mail me as MYFIRSTNAME@MYLASTNAME.org.uk _O_
|<
- Next message: Mike: "Re: openssh only in one direction"
- Previous message: Richard Caley: "Re: authorized_keys and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
