Find the answer to your Linux question:
Results 1 to 2 of 2
Hi all, I search an efficient way to restrict ssh connections to only run a specific command. It is intended to be used automaticaly. Say the user name is "check" ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2009
    Posts
    2

    Restricted ssh


    Hi all,

    I search an efficient way to restrict ssh connections to only run a specific command. It is intended to be used automaticaly. Say the user name is "check" and the command is "ps", and used by a remote monitoring host.

    If I only modify the shell into /etc/passwd to be "ps", then anyone able to ssh to this host with "check" as username will be able to ask ssh to launch another shell or whatever he want. Even scp and port forwarding are accessible because they are standard feature of sshd. And because the regular users of this computer have to use them. I then can't disable them.

    1 - is there anything I can do to restrict this user "check" to only run "ps" with ssh ?
    2 - if I launch a second sshd (with a different configuration file of course, and a different listening port), what can I do to fully restrict this user ?
    3 - ... or a better idea ?

  2. #2
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Remove him from the group users and allow him to only execute that program.
    New Users, please read this..
    Google first, then ask..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •