* Andre Fassbender (afassbender@eSeSIX.COM) [020730 08:24]: > hey hui, > > a really sick and fast way would be: > > 1. go to the useres home dir f.e. /home/blah > > 2. cat /dev/null > .bash_profile > > 3. echo "exit" > .bash_profile > > 4. change the permissions to read only (that the user cant overwrite the > file via scp) > > 5. pray I think you'll need more than this. For instance, what if the user issues ssh with a command to run, such as /bin/tcsh, or another shell. You're better off disallowing connects except using publickey authentication, and specifying the command /usr/lib/sftp-server as the only command that key is authorized to run. I think that should work, though I haven't tried it. good times, Vineet -- http://www.doorstop.net/ -- "Extremism in the defense of liberty is no vice. Moderation in the pursuit of justice is no virtue." -- Barry Goldwater
Attachment:
pgpUHdEnTlsJ0.pgp
Description: PGP signature