Restrict commands available in an SFTP session
Damien Miller
djm at mindrot.org
Tue Feb 10 13:13:09 EST 2009
On Mon, 9 Feb 2009, Jason Dickerson wrote:
> I am currently running OpenSSH 4.3. I would like to restrict the commands
> SFTP users can run to a list. For example, "put, get, mput, mget, mkdir,
> rmdir, and rm". Is this possible with OpenSSH? I have seen many posts
> concerning chroot'ing and the Forced Command option, but none of these
> solution address restricting the commands actually available inside the SFTP
> subsystem. Any insight would be greatly appreciated.
This isn't supported, or planned. You can perform fairly effective
restriction with file/directory permissions alone.
-d
More information about the openssh-unix-dev
mailing list