Re: SSH access restrictions

To: debian-isp@lists.debian.org
Subject: Re: SSH access restrictions
From: Marc Schiffbauer <marc@schiffbauer.net>
Date: Sat, 18 Oct 2003 14:24:23 +0200
Message-id: <[🔎] 20031018122423.GC20123@lisa>
Mail-followup-to: debian-isp@lists.debian.org
In-reply-to: <[🔎] 3F9095FF.4050202@oasis.net.au>
References: <[🔎] 3F9095FF.4050202@oasis.net.au>

* Rudi Starcevic schrieb am 18.10.03 um 03:23 Uhr:
> Hi,
> 
> Is there anyway to resistict  a non-root user's shell account ?
> 
> For example once he/she is logged in is there any way to deny, say, 
> reading the /etc/passwd file ?
> Can they be restricted like the way a user can be restricted using FTP ?
> 
> I know I could use a tool like Snort to watch whats going out , for 
> example /etc/passwd, except
> using SSH because it's encrypted.
> 
> To my knowledge so far I cannot prevent an SSH user from reading system 
> files.
> 
> Cheers
> Rudi.
> 
> 

Hi Rudi,

I had the same "problem". Finally I set up a chroot environment for
ssh users. I did it with pam_chroot which is really nice..

-Marc


-- 
°    <M3rlin-> what is the legal age to buy alcoholic in england ? °
°  <p5Ds13a06> you cant buy alcoholics                             °
°  <p5Ds13a06> but if you wink the right way,                      °
°              some of them will follow you home for free          °

Reply to:

Follow-Ups:
- Re: SSH access restrictions
  - From: "Rudi Starcevic" <rudi@oasis.net.au>
- Re: SSH access restrictions
  - From: "Rudi Starcevic" <rudi@oasis.net.au>

References:
- SSH access restrictions
  - From: Rudi Starcevic <rudi@oasis.net.au>

Prev by Date: Re: Best way to update perl on Woody Stable ?
Next by Date: Re: SSH access restrictions
Previous by thread: Re: SSH access restrictions
Next by thread: Re: SSH access restrictions
Index(es):
- Date
- Thread