Re: HowTo Disable execution of commands whit ssh and scp/sftp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Do, den 11.03.2004 schrieb Dario Lesca um 18:44:
> Hi, someone know howto disable the execution of any command via ssh and
> disable the scp/sftp service?
> 
> OK; ssh user@host 
> NO: ssh user@host cat /etc/passwd
> NO: scp user@host:/etc/passwd /tmp
> NO: sftp user@host
> 
> Many thanks!

The keyword is "chroot" or "jail". It means to ban a user into his home
and limit commands to those inside the chroot.

This sounds simple but it is not. There are a few howtos available (do a
google search), but they can let experienced users escape from chroot.
For a real solution it needs the use of kernel patches and ACLs like
grsecurity or - which comes with FC2 - SELinux.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2174.nptl
Sirendipity 18:54:33 up 2 days, 19:14, load average: 1.13, 1.17, 1.15 
                   [ ÎÎÏÎÎ Ï'ÎÏÏÎÎ - gnothi seauton ]
             my life is a planetarium - and you are the stars





[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux