Welcome to Linux Forums!

With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Linux Forum ArticlesLinux ForumsLinux Forum DownloadsLinux Hosts
Home|Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search|
SEARCH FOR IN
Go Back   Linux Forums > GNU Linux Zone > Linux Security
Reload this Page SSH tunnel server, no shell but still able to change pw?
Linux Forums
Linux Forums
Welcome To The Linux Forums!
Welcome to Linux Forums. We pride ourselves in being one of the largest Linux communities on the web, we encourage you to REGISTER on our forums and participate in the community. There are over 150,000 members ready to answer your questions. JOINING US today will allow you to make new posts, get support, send messages to other members and submit downloads to our downloads directory and many other great features!

Linux Security Discussion about keeping your machines secure, and the crackers out.

Reply
 
Thread Tools Display Modes
Old 2 Weeks Ago   #1 (permalink)
humbletech99
Linux Newbie
 
humbletech99's Avatar
 
Join Date: Nov 2005
Posts: 201
SSH tunnel server, no shell but still able to change pw?
I have an SSH tunnel server that some people at work are using instead of a vpn since it's much nicer and simpler.

I don't want to give the users shells at all but I still want them to be able to change their own passwords.

At the moment, they just execute /bin/cat so their session stays open but they cannot get any shell or input any commands.

I am thinking about perhaps making chroots for them instead in which case they can have a shell that has basically no view or access to anything, but I still want them to be able to change their passwords, however if they are in a jail then they cannot get access to the /etc/ files to change their pw.

Any ideas?
__________________
The Human Equation:

value(geeks) > value(mundanes)
humbletech99 is offline   Reply With Quote
Old 1 Week Ago   #2 (permalink)
raghaven.kumar
Linux Newbie
 
raghaven.kumar's Avatar
 
Join Date: Mar 2008
Location: Bangalore, India
Posts: 117
IMO, instead of chroot jail you can have them allowed to
change passwd by adding them to sudoers.

or you can write a script
to get new pass from them
store it encrypted
and then synchronise the same with /etc/passwd on logout.

Just a suggestion!
raghaven.kumar is offline   Reply With Quote
Old 1 Week Ago   #3 (permalink)
humbletech99
Linux Newbie
 
humbletech99's Avatar
 
Join Date: Nov 2005
Posts: 201
cannot say I like either of those ideas at all.

I may just look to integrate with AD to solve this I think...
__________________
The Human Equation:

value(geeks) > value(mundanes)
humbletech99 is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT. The time now is 04:38 AM.

Contact Us | Advertise | Archive | Top
Powered by vBulletin 3.6.8 ©2000 - 2007, content relevant URLs by vBSEO, Property of Core Root.

Content Relevant URLs by vBSEO 3.0.0