Am 20.12.21 um 16:14 schrieb richard lucassen: >> In short: forget about it. If you're allowing users SSH access for >> X2Go, they WILL be able to copy data. You can make it a little harder >> for them if you think you have to, but as long as they are in control >> of the client hardware, they will always be able to do so. > I have no complete answer to it, but if you use keys instead of > user/pass then you will be able to restrict ssh in > ~/.ssh/authorized_keys > > from="1.2.3.4,2.3.4.5,9.8.7.6",no-port-forwarding,command="/path/to/script",no-X11-forwarding,no-agent-forwarding,no-pty > ssh-rsa <key> > > (all in 1 line) > > This is an example of what I use here, I think there must be many other > options available. > > see "man authorized_keys"
That's all fine for non-interactive commands or simple scripts. But have you tried to use this with X2Go? Even with commandline-only tools like vim or mc, this becomes a royal PITA (and yes, I know about rvim). -Stefan -- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 _______________________________________________ x2go-user mailing list x2go-user@lists.x2go.org https://lists.x2go.org/listinfo/x2go-user
