From: Kruse, Jason K. (jason.kruse@teldta.com)
Date: Wed May 15 2002 - 11:35:56 EDT
Thanks to:
Daron.Barndon
Davorin Bengez
Greg Gallagher
Michael C. Ibarra
Jim Jones
Dennis Peterson
Eric Shafto
No real answer that works with Solaris 8/F-Secure.
Responses included:
Scponly: http://sublimation.org/scponly/
rksh - Restricts shell nicely, however sftp still can access directories
/bin/true vs /bin/false (no shell access vs no access at all)
OpenSSH w/chroot patch
We're working on converting to OpenSSH, but until that happens we'll just
have to keep our eyes open.
Jason
> -----Original Message-----
> From: Kruse, Jason K. [mailto:jason.kruse@teldta.com]
> Sent: 5/13/2002 8:47 AM
> To: 'sunmanagers@sunmanagers.org'
> Subject: SSH/SFTP lockdown
>
>
> We have a customer who has requested using sftp to access files on our
> system. I would like to restrict their access to their home
> directory,
> however F-Secure does not provide the chroot ability on Solaris.
>
> I attempted to assign the user a bogus shell like /bin/false
> or noshell but
> sftp just complained. Other than creating a chroot
> environment by hand
> (using jail or something similar) does anyone have other
> suggestions to
> restrict access?
>
> Jason
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:20 EDT