On Thu, Jan 11, 2007 at 06:55:33PM +0100, Adrian von Bidder wrote: > Anybody has an idea if and how this is possible? The obvious but ugly > solution would be to run a second sshd on a different port, but I'd rather > avoid that. If I understand this correctly, it's not a matter of public key or password authentication but rather to give shell access to only one user. Since rssh is designed to disallow shell access, you won't succeed with this. You will need another ssh daemon that provides the shell access. You could for example use openssh and restrict access to this one user with the "AllowUsers" option in sshd_config. The "command" and "environment" options in the authorized_keys file can be used to bind a public key to a more restrictive environment. Also, if the user can perform his work in a restricted shell (rsh or rbash) this allows for even more restrictve access to the system. Michel
Attachment:
signature.asc
Description: Digital signature