On 08/13/2018 08:06 AM, Didier Kryn wrote: > But allowing ssh connections with a restricted shell permitting only > the commands used by rsync could be the way. But you would probably need > to forbid the fancy features of ssh, like port forwarding.
If they use SSH keys (and only keys) for authentication then rsync restrictions can be set in the authorized_keys file but requires a bit of fiddling to get the right options. Running rsync with the SSH client in verbose mode gives you the details needed to set in the key file: rsync -e 'ssh -v' -avH /some/source/dir u@there:/some/dir/ Then see 'command="command"' in the AUTHORIZED_KEYS FILE FORMAT section of the manual page for sshd(8) for that. Once done, that is rather solid on its own but could still be used in conjunction with a restricted shell. The prerequisite is for a locked down SSH key is that the group of users to be affected doesn't have access the authorized keys files. The accounts need to be able to read their own own keys but not write them. And perhaps it is best if it cannot read the keys for other accounts. Match Group lockedin AuthorizedKeysFile /etc/ssh/keys/%u/authorized_keys Or something similar if you are more careful with the file permissions. Match Group lockedin AuthorizedKeysFile /etc/ssh/authorized_keys/%u What scale are you looking at, 10s, 100s, 1000s, or more? /Lars _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng