Re: SSH access restrictions

To: Rudi Starcevic <rudi@oasis.net.au>, debian-isp@lists.debian.org
Subject: Re: SSH access restrictions
From: "I. Forbes" <iforbes@zsd.co.za>
Date: Tue, 21 Oct 2003 12:15:22 +0200
Message-id: <[🔎] 3F95235A.17194.7C42EA@localhost>
In-reply-to: <[🔎] 3F9095FF.4050202@oasis.net.au>

Hello Rudi 

On 18 Oct 2003 at 11:23, Rudi Starcevic wrote:

> Is there anyway to resistict  a non-root user's shell account ?
> 
> For example once he/she is logged in is there any way to deny, say, 
> reading the /etc/passwd file ?

We have a set-up that uses "rbash". The client gets "rbash" as a 
login shell and his path is preset to a directory that has a few 
chosen executables in it. (In our case this is not much more than 
rsync).

I suspect a determined hacker could get around this, but it 
discourages most abusers.

Regards

Ian

-- 
Ian Forbes ZSD
http://www.zsd.co.za
Office: +27 21 683-1388  Fax: +27 21 674-1106
Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa

Reply to:

Follow-Ups:
- Re: SSH access restrictions
  - From: "Rudi Starcevic" <rudi@oasis.net.au>
- Re: SSH access restrictions
  - From: "Rudi Starcevic" <rudi@oasis.net.au>

References:
- SSH access restrictions
  - From: Rudi Starcevic <rudi@oasis.net.au>

Prev by Date: bind fills the logs
Next by Date: Re: SSH access restrictions
Previous by thread: Re: SSH access restrictions
Next by thread: Re: SSH access restrictions
Index(es):
- Date
- Thread