Yay Aaron! I owe you a beer! Thanks,
I was using scponly for a while but it wasn't being kept up. Marcel On Mon, 2003-10-27 at 18:51, Aaron J. Seigo wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > hi all... > > so, wanted to share my cool discovery of the day: how to make a scp/sftp only > account. as you likely know, if you set a user's shell to /bin/false with the > intention of not letting them ssh into the machine, that also cuts off their > ability to scp or sftp in. one may want to offer scp or sftp but _not_ a full > shell via ssh. up till today i didn't have any handy tool to do this, but > today i _had_ to... after a bit of googling i found a small C program that > you can set as the user's "shell" in /etc/passwd and it limits them to sftp > and/or scp. it could be made more clever, i'm sure, and i'm sure that one day > openssh will have such stuff built-in. but until then, i've got this > hand-dandy little app... > > if interested, you can grab the silly thing at: > > http://urbanlizard.com/~aseigo/rssh.c > > there are installation instructions in the source file: > > head -n 52 rssh.c | tail -n 19 > > whee.... > > - -- > Aaron J. Seigo > GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) > > iD8DBQE/ncut1rcusafx20MRAmlIAKCS5b3+tjSO6Ult8DdrQch9Gqh+VQCfTfsE > U/C2e28WxmOIkQL13OOB2Pc= > =Ab3R > -----END PGP SIGNATURE----- -- Marcel Lecker <[EMAIL PROTECTED]>
