restricting non-pty cmds with passwd auth

Jeremy Jackson jerj at coplanar.net
Fri Sep 24 00:13:48 EST 2004


I thought forced commands were only available when using public key 
authentication?  This environment uses passwords.

I'm aware of rssh, I was hoping there was something built in to Openssh.

Thanks,

Jeremy

Damien Miller wrote:
> Jeremy Jackson wrote:
> 
>>Hi,
>>
>>I'm looking for a way to force users to use a pty and their login shell. 
>>  They have a .profile that forces them to use a specific application. 
>>They are currently logging in with telnetd, so this is effective.  I 
>>want to move to openssh, but this would allow "ssh user at host /bin/sh" 
>>and any other commands they can think of to bypass this restriction.
>>
>>Is there a way to make openssh as restrictive at the current environment?
> 
> 
> You can make the forced command the user's shell, or use a custom
> restricted shell like rssh.
> 
> -d




More information about the openssh-unix-dev mailing list