SFTP &
Damien Miller
djm at mindrot.org
Wed Jun 25 15:08:50 EST 2014
On Wed, 25 Jun 2014, M?rk Csaba wrote:
> Match Group admin
>
> AllowTCPForwarding yes
>
> X11Forwarding yes
>
> ForceCommand bash
>
>
> Match Group sftp-only
>
> PasswordAuthentication yes
>
> AllowTCPForwarding no
>
> X11Forwarding no
>
> ForceCommand internal-sftp
>
>
> This config works well for SFTP users ? but if a user is a member of
> both group, the SFTP client fails to connect. Obviously because of the
> ForceCommand.
"Match group sftp-only,!admin" for the second case might and removing
the "ForceCommand bash" from the first might work.
More information about the openssh-unix-dev
mailing list