Re: SSH access restrictions

To: Rudi Starcevic <rudi@oasis.net.au>, debian-isp@lists.debian.org
Subject: Re: SSH access restrictions
From: Russell Coker <russell@coker.com.au>
Date: Sat, 18 Oct 2003 11:43:38 +1000
Message-id: <[🔎] 200310181143.38886.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 3F9095FF.4050202@oasis.net.au>
References: <[🔎] 3F9095FF.4050202@oasis.net.au>

On Sat, 18 Oct 2003 11:23, Rudi Starcevic wrote:
> For example once he/she is logged in is there any way to deny, say,
> reading the /etc/passwd file ?
> Can they be restricted like the way a user can be restricted using FTP ?

I have heard of people setting up chroot environments for ssh accounts which 
is the same restriction as is usually used for anonymous FTP.

But for file access there is no way of doing it using Unix permissions.  If 
you use a security system such as SE Linux, systrace, RSBAC, or GRSEC then 
you can do such things.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

References:
- SSH access restrictions
  - From: Rudi Starcevic <rudi@oasis.net.au>

Prev by Date: SSH access restrictions
Next by Date: Re: Best way to update perl on Woody Stable ?
Previous by thread: SSH access restrictions
Next by thread: Re: SSH access restrictions
Index(es):
- Date
- Thread