restricting non-pty cmds with passwd auth
Damien Miller
djm at mindrot.org
Thu Sep 23 16:30:57 EST 2004
Jeremy Jackson wrote:
> Hi,
>
> I'm looking for a way to force users to use a pty and their login shell.
> They have a .profile that forces them to use a specific application.
> They are currently logging in with telnetd, so this is effective. I
> want to move to openssh, but this would allow "ssh user at host /bin/sh"
> and any other commands they can think of to bypass this restriction.
>
> Is there a way to make openssh as restrictive at the current environment?
You can make the forced command the user's shell, or use a custom
restricted shell like rssh.
-d
More information about the openssh-unix-dev
mailing list