On Fri, Jun 25, 2004 at 03:45:24PM +0900, Rob wrote:
> 
> Hi,
> 
> I have a cluster of PCs, on which the 'slaves' used to only allow rsh
> connections, to execute commands, but no logins.
> 
> I have removed the r-commands, and want to use the ssh command family
> instead. Although 'ssh slaveN command' works fine, this also allows login
> to the slave PC, simply by typing 'ssh slaveN'.
> 
> How can I configure sshd, so that it will allow remote command execution,
> but will refuse logins?
> 
> Thanks,
> Rob.

I'd say you could give the users no shell (if they shouldn't have shell
access to the machine in any other way), by setting their default shell
to /sbin/nologin.  You can do that with the chsh(1) command.  

Then again, they may still be able to start a shell with 
        'ssh <remote-machine> tcsh'
so maybe you should chmod /bin/sh and /bin/tcsh to 550.  

GH
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to