Spruell, Darren-Perot wrote: >From: Rico [mailto:[EMAIL PROTECTED] > > >>Reading the last couple of days of sftp/scp's posts and reading up on >>the achives I just wanted to ask.. >> >>Would it be a bad idea to extend OpenSSH with some extra feaures like: >> >>1. In sshd_config - making it possible to provide a sftp/scp only >>connection. Like "AllowUsers" having a "SCPOnlyUsers". >> >>2. Making it possible to jail some of the SCP only users with another >>option like "SCPJailedUsers". >> >>I am not a developer and I am just asking about if this maybe >>is a bad >>idea. >> >> > >It is a fantastic idea. > >Nick just laid out the process for building and submitting patches, too, so >I think your diffs can be sent in any time now... ;) > >If it was a simplistic task, and had a high chance of not being 100,000 >lines worth of spaghetti mess code that lowered the security of OpenSSH, I'd >guess it would have probably been implemented already. > >DS > > If I rememebr there is a shell rssh available exactly for this purpose, it implemnts user based scp/sftp permissions and it even has options for restricting cvs over ssh
