scp without permitting shell access, possible?
Jos Backus
josb at cncdsl.com
Fri Dec 15 13:49:12 EST 2000
On Thu, Dec 14, 2000 at 09:28:49PM -0600, mouring at etoh.eviladmin.org wrote:
> I don't see how you can do such a thing without changing how scp
> works. (Which is scp would no longer spawn the user's interactive shell,
> but either spawn /bin/sh w/ no .*rc files.)
Yes, it seems like an all-or-nothing proposal. scp also enables interactive
access, which you'd then have to hack around to close that "hole".
> I'd have to test it.. but you may be able to pull it off with
> sftp-server. But I am not up on my 'subsystem' definations of SSH2.
Me neither. Maybe hsftp helps here?
Thanks,
--
Jos Backus _/ _/_/_/ "Modularity is not a hack."
_/ _/ _/ -- D. J. Bernstein
_/ _/_/_/
_/ _/ _/ _/
josb at cncdsl.com _/_/ _/_/_/ use Std::Disclaimer;
More information about the openssh-unix-dev
mailing list