[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH access restrictions


> Our rbash shells don't have access to vi ... or much else! Their 
> path is set to "/usr/local/lib/rbash-bin/" and that directory has 
> sym-links to a few selected binaries.
> Still I don't regard the rbash setup as secure.

Yes but is sound OK for your needs.
In this case I need, or want, to restrict a fully logged in user.
So I can offer ftp and ssh access.

To sumerize the options I've found so far:

a) PAM chroot
b) rbash - restricted shell
c) SSH2 chroot access.

In this case the machine in question is a remote virtual server with
only SSH access. So I think c) may be the go.

If I had local users I guess a) or b) with a) having stronger security.


Reply to: