List of allowed commands to run
Peter Stuge
stuge-openssh-unix-dev at cdy.org
Sat May 19 08:45:17 EST 2007
On Sat, May 19, 2007 at 12:23:29AM +0200, perret.yannick wrote:
> >> In this case we should use the ForceCommand to set the
> >> restricted shell, right?
> >
> > No, you configure the restricted shell for the user.
>
> Ok. So this is not a solution for us.
Looks like it.
> The restrictions we want to set are for a subset of machines that
> do have AFS but on which "basic" users are not allowed to log on
> (but of course other users can log on, using AFS).
> We are trying to allow them to use a subset of commands, and they
> must use their own account (for unix and AFS restriction) for that.
You could match on a special group and forcecommand, but that
command will still be executed using the user's shell.
//Peter
More information about the openssh-unix-dev
mailing list