Logon without shell

3 posts / 0 new
Last post
itefix
Offline
Last seen: 1 week 6 days ago
Joined: 01.05.2008 - 21:33
Logon without shell

I have a rather strange question:I'm running copssh on win2k3 server and I need to give a user sftp access to its home directory (/copssh/home/sftp_usr, using public key authentication) but cannot allow him to logon using a shell (eg. putty). I don't want the user to execute "ln -s /cygdrive" for instance.

Is there some way to achieve this?
What also may be helpful is to restrict the rights when using a shell.

I tried OpenSSH before, this allows omitting the ":/bin/bash" entry in the sshd_config file, but since OpenSSH has some severe problems with win2k3 I installed copssh.

Thanks.

itefix
Offline
Last seen: 1 week 6 days ago
Joined: 01.05.2008 - 21:33
Re: Logon without shell

Thanks, but I already tried that and it does not meet the requirements I need for my system.
What I want is a restriction for the shell itself: the user may not execute any commands that allows him to gain access to any drives or folders other than its own.

Perhaps a "dummy shell" would do the trick.

itefix
Offline
Last seen: 1 week 6 days ago
Joined: 01.05.2008 - 21:33
Re: Logon without shell

Okay,
Seems to be working afterall if you deny the access to drives and folders and "reactivate" the user.

Thanks.

Topic locked

Release announcements