Re: secure port forwarding without shell access
From: Andrew Schulman (andrex_at_deadspam.com)
Date: 09/29/04
- Next message: Neil W Rickert: "fatal: buffer_get: trying to get more bytes 4 than in buffer 0"
- Previous message: Gerald Holl: "sshd delay after failed login"
- In reply to: robert: "secure port forwarding without shell access"
- Next in thread: robert: "Re: secure port forwarding without shell access"
- Reply: robert: "Re: secure port forwarding without shell access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Sep 2004 15:09:44 -0400
> Those users that are "restricted" have been usermod -s "/bin/rbash"
> username
> and /bin/rbash mode is 755 owned by root and contains :
>
>
> #!/bin/bash
> /bin/bash -r >/dev/null 2>&1
> tail -f /dev/null
Why not just give them a shell of /bin/false? Then they can't have
shell access at all, but they can still forward ports.
-- To reply by email, change "deadspam.com" to "alumni.utexas.net"
- Next message: Neil W Rickert: "fatal: buffer_get: trying to get more bytes 4 than in buffer 0"
- Previous message: Gerald Holl: "sshd delay after failed login"
- In reply to: robert: "secure port forwarding without shell access"
- Next in thread: robert: "Re: secure port forwarding without shell access"
- Reply: robert: "Re: secure port forwarding without shell access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
