Am Do, den 11.03.2004 schrieb Dario Lesca um 18:44:
> Hi, someone know howto disable the execution of any command via ssh and
> disable the scp/sftp service?
>
> OK; ssh user@host
> NO: ssh user@host cat /etc/passwd
> NO: scp user@host:/etc/passwd /tmp
> NO: sftp user@host
>
> Many thanks!
The keyword is "chroot" or "jail". It means to ban a user into his home
and limit commands to those inside the chroot.
This sounds simple but it is not. There are a few howtos available (do a
google search), but they can let experienced users escape from chroot.
For a real solution it needs the use of kernel patches and ACLs like
grsecurity or - which comes with FC2 - SELinux.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2174.nptl
Sirendipity 18:54:33 up 2 days, 19:14, load average: 1.13, 1.17, 1.15
[ ÎÎÏÎÎ Ï'ÎÏÏÎÎ - gnothi seauton ]
my life is a planetarium - and you are the stars
