Do you have a question? Post it now! No Registration Necessary. Now with pictures!
June 9, 2006, 2:22 am
rate this thread
login shells) to enable only SFTP and not an ssh shell for a given user? ie
something in the server config file along the lines of:
sftponly foobar1 foobar2
(or for shells only)
shellonly foobar3 foobar4
I know this has been brought up before in various forms and this newsgroup and
it seems like for some people (me included) this functionality would be
appreciated. From a programming standpoint, this wouldn't be tooooo hard to add
to openssh would it?
Re: Possible feature request
David> Is there an "official" way (with out user-made scripts or
David> playing tricks with login shells) to enable only SFTP and not
David> an ssh shell for a given user? ie something in the server
David> config file along the lines of:
David> sftponly foobar1 foobar2 (or for shells only) shellonly foobar3
The easiest way is to require publickey authentication and use a forced
command -- however, you then have to be careful to prevent the user from
modifying his own authorization file. But there's nothing direct. Other
implementations have more fine-grained control over what kind of channels
the client is allowed to open; the VanDyke SSH server can do this.
- » Anyone got the SSH Session Loging patch to work under AIX 5.2?
- — Next thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum