SSH forwarding with an "untrusted" user
I've got a series of remote locations that I need to be able to connect to
from head office.
I need to be able to give a user the ability to ssh in, using port
forwarding(such as through putty), to a machine inside the firewall at
the remote location.
So I load up putty, setup the forward, and it works and all.
Here's the catch.. There's a shell running in the background. How do I
do this, without leaving a shell running around where the "untrusted" user
can access it?
There's an option in ssh to not allocate a pseudo-terminal, but I don't
trust the user not to change that. I need something server-side for that