Security Basics mailing list archives
Re: openssh public Key Athentication - with restrickted login shell
From: Robin Wood <dninja () gmail com>
Date: Mon, 9 Nov 2009 22:37:42 +0000
If you can use sftp rather than scp you can set the shell to /usr/libexec/openssh/sftp-server (choose your location) and that chroots the sftp to the home directory. Robin 2009/11/5 Jannis Kafkoulas <jasecml () yahoo com>:
Hi, I'd like too use scp to transfer data to a Linux box out of a perl script using public key authentication(with no passphrase:-( ). As long as the used userid has a regular account on that server everything works fine. But for higher security I'd like the user not to be able to login, so I gave him a "nologin shell" in the /etc/paswd. In this case its also inposible to authenticate as before. So I thought it should be a working but restricted "login shell", which is sufficient enough for that user complete the authentication and to do its scp file transfer, nothing else. Any idea? Thanks in advance Jannis ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- openssh public Key Athentication - with restrickted login shell Jannis Kafkoulas (Nov 09)
- Re: openssh public Key Athentication - with restrickted login shell Robin Wood (Nov 10)
- RE: openssh public Key Athentication - with restrickted login shell Chris Firth (Nov 10)
- Re: openssh public Key Athentication - with restrickted login shell Phillip Macey (Nov 12)