restricting non-pty cmds with passwd auth
Jeremy Jackson
jerj at coplanar.net
Fri Sep 24 00:13:48 EST 2004
I thought forced commands were only available when using public key
authentication? This environment uses passwords.
I'm aware of rssh, I was hoping there was something built in to Openssh.
Thanks,
Jeremy
Damien Miller wrote:
> Jeremy Jackson wrote:
>
>>Hi,
>>
>>I'm looking for a way to force users to use a pty and their login shell.
>> They have a .profile that forces them to use a specific application.
>>They are currently logging in with telnetd, so this is effective. I
>>want to move to openssh, but this would allow "ssh user at host /bin/sh"
>>and any other commands they can think of to bypass this restriction.
>>
>>Is there a way to make openssh as restrictive at the current environment?
>
>
> You can make the forced command the user's shell, or use a custom
> restricted shell like rssh.
>
> -d
More information about the openssh-unix-dev
mailing list