Re: allow psftp or pscp but not ssh
From: Stein Arne Storslett (sastorsl_at_THOU.SHALT.NOT.SPAM.broadpark.no)
Date: 05/13/05
- Next message: Nico Kadel-Garcia: "Re: allow psftp or pscp but not ssh"
- Previous message: Ezechiele_25-17: "Re: [Help needed]: SSH tunnel between OSX and SUSE Linux fw"
- In reply to: Yannick CHAMPS: "Re: allow psftp or pscp but not ssh"
- Next in thread: Nico Kadel-Garcia: "Re: allow psftp or pscp but not ssh"
- Reply: Nico Kadel-Garcia: "Re: allow psftp or pscp but not ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 13 May 2005 09:25:53 GMT
<yannick@pfnet.pf> wrote in <638398f4.0505121058.22dfc879@posting.google.com>:
> Stein Arne Storslett <sastorsl@THOU.SHALT.NOT.SPAM.broadpark.no>
> wrote in message news:<qakge.9747$SL4.220551@news4.e.nsc.no>...
>> <yannick@pfnet.pf> wrote in <638398f4.0505091250.5390909f@posting.google.com>:
>> > Hi,
>> >
>> > I use redhat AS3 with the default sshd configuration and putty as
>> > windows ssh client. Is it possible to allow only file transfert via
>> > psftp or pscp and deny access to ssh. I don't want users to login via
>> > ssh into the server, only file transfert is permitted. I read the
>> > /etc/ssh/sshd_config but found nothing to help me.
>>
>> Take a look at RSSH - http://www.pizzashack.org/rssh/index.shtml
>>
>> There should be a package for RedHat for that. There you can control
>> wether a user can scp, sftp, rsync, etc.
>>
>> You can also take a look at scponly and sftponly.
>>
>> You might also want to look into chroot'ing the user, but that's a whole
>> new chapter.
>
> Thank you for this link, but scponly allows users to browse the file
> system, I will try the chroot option but it not trivial. Is there an
> other way to lock users in their home directory ?
Openssh does not (last time I checked) support "built-in" chroot'ing. I
think the commercial SSH do, but I'm not sure.
So then you are faced with your OS' way of chroot'ing. It's not trivial,
that's true, but there should be a lot of HOWTO's out there.
I would think that if anybody would do the work on either openssh or a
utility like rssh/scponly/sftponly there would be a lot of "buyers". I
would definately throw myself over it.
-- Stein Arne
- Next message: Nico Kadel-Garcia: "Re: allow psftp or pscp but not ssh"
- Previous message: Ezechiele_25-17: "Re: [Help needed]: SSH tunnel between OSX and SUSE Linux fw"
- In reply to: Yannick CHAMPS: "Re: allow psftp or pscp but not ssh"
- Next in thread: Nico Kadel-Garcia: "Re: allow psftp or pscp but not ssh"
- Reply: Nico Kadel-Garcia: "Re: allow psftp or pscp but not ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
