OpenSSH sshd: per-user restrictions and scp-only

Nick Eggleston nick at dccinc.com
Thu Jan 10 02:00:27 EST 2002


Greetings!

Non-list subscriber, so please be sure to include me on replies.

I want to be abut to set up sshd so that I can restrict the remote user's
activities.  In particular, I want...

1.  no shell.  I want them to be able to do scp and maybe port forwarding,
but I DO NOT want them to be able to start up any shell or anything else!

2.  i want to be able to restrict them to be able to do port forwarding
ONLY to the the ip address and port number I specifiy.

without these kinds of controls, ssh becomes kind of a risky proposition
as opposed to, say, sslftp, whick only allows access to files.

Hopefully, others have noticed these same problems and have some
solutions.

Thanks for your time!!




More information about the openssh-unix-dev mailing list