Re: Howto deny a sftp connection
- From: Darren Tucker <dtucker@xxxxxxxxxxxxxxxxx>
- Date: 20 Dec 2005 23:30:40 GMT
On 2005-12-20, Richard E. Silverman <res@xxxxxxxx> wrote:
>>>>>> "HK" == Hermann <kein@xxxxxxxx> writes:
>
> HK> Hey guys, how can I deny a login via scp, sftp or a winscp
> HK> connetion? I only know, that this is a non-interactive
> HK> connection. What are the parameters for the sshd.conf?
>
> You can turn off the usual sftp by removing the sftp subsystem from
> sshd_config. However, there is no easy general way to prevent scp, since
> it is simply a remote command (and in fact, one can get sftp to work the
> same way).
You could remove execute permissions from the sftp-server and scp binaries
(or make them group-execute only for a certain group) but that still
won't stop people transferring files via other means (eg "ssh server
cat /foo/bar >bar").
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
.
- References:
- Howto deny a sftp connection
- From: Hermann
- Re: Howto deny a sftp connection
- From: Richard E. Silverman
- Howto deny a sftp connection
- Prev by Date: Re: Howto deny a sftp connection
- Next by Date: ssh transfert log "Urgent"
- Previous by thread: Re: Howto deny a sftp connection
- Next by thread: Re: Howto deny a sftp connection
- Index(es):
Relevant Pages
|
|
