I'm taking a class on system security. We're in teams and we have to allow attacking teams ssh access to our devices.
I'd like to limit the user account access for the other groups, permitting them a shell and a few commands, but no ability to browse the box or do things like cat or cp /etc/passwd. I'm running OpenBSD 4.2 on the server they'll be attacking. I'm an OpenBSD noob. Learning under fire. If someone can help me figure out whether using ssh_config, chroot, or just using permissions will be the easiest, most effective way to go about it, and how to proceed, it will be much appreciated. Alternatives would be great too. Thanks! Ted LeRoy
