SSH ok, SFTP ok , SCP broken... custom shell
Frank Cusack
fcusack at fcusack.com
Fri Dec 9 11:19:07 EST 2005
On December 9, 2005 10:59:49 AM +1100 Darren Tucker <dtucker at zip.com.au> wrote:
> Graeme Tattersall wrote:
>> if [ grep $LOGNAME /etc/shell.allow 2>&1 > /dev/null ]
>
> Also, you should match against a complete line not a substring. If user
> "foobar" is in shell.allow, then this will permit users "foo" and "bar"
> as well. You can do this with egrep and regex anchors, eg
>
> if egrep "^$LOGNAME$" /etc/shell.allow
'grep -x' is better.
-frank
More information about the openssh-unix-dev
mailing list