[scponly] ssh and scponly related query.
J.D. Baldwin
baldwin at panix.com
Thu Sep 15 14:07:54 EDT 2005
On Wed, Sep 14, 2005 at 06:51:30PM +0100, Benjamin Donnachie wrote:
> I currently use ssh and scponly to restrict users to file transfers
> only, with authentication currently carried out using passwords.
>
> However, I was wondering whether it is possible to specify an
> alternative shell depending upon the user and authentication method
> used. For example, if using public key authentication I would like
> certain users (especially me!) to be able to invoke a bash shell -
> however, for all other authentication methods and all other users I
> would like it to default to scponly.
Create two UNIX users, let's say ben1 and ben2. Both will be defined
with the same home directory and UID, and the same group membership.
In ~ben1/.ssh/authorized_keys are your public keys for authentication.
There is no ~/ben2/.ssh/authorized_keys file.
Now you can do uploads/downloads with the ben2 account and its
password, but you can shell in to ben1 with your key.
--
_+_ From the catapult of |If anyone disagrees with any statement I make, I
_|70|___:)=}- J.D. Baldwin |am quite prepared not only to retract it, but also
\ / baldwin at panix.com|to deny under oath that I ever made it. -T. Lehrer
***~~~~-----------------------------------------------------------------------
More information about the scponly
mailing list