List of allowed commands to run

Peter Stuge stuge-openssh-unix-dev at cdy.org
Sat May 19 06:03:17 EST 2007


On Fri, May 18, 2007 at 08:18:24PM +0200, perret.yannick wrote:
> So my questions:
> - is there a simplier/nicer way to do that (or even maybe it is
> still possible without any change)
> - does my modification is correct (I mean is it the good way to
> perform a such modification)?

This problem is better solved by the shell. All commands that sshd
execute on behalf of the client use the shell, and since there may
be other ways for the user to access the system, sshd is not a very
good place for these restrictions.

You could look at rssh for an example of a restricted shell.


//Peter


More information about the openssh-unix-dev mailing list