[Gnu-arch-users] Re: restricted shell (sftp) for gnuarch ?

[Andreas Rottmann]

Eric Seigne <address@hidden> writes:

> Hello,
> i'm sorry to bother you but i don't find how to restrict my ssh/sftp
> shell for arch repositories !
>
> here is my situation:
>  user eric: full ssh and sftp access
>  3 others users: full ssh and sftp access
>  user eric_arch: access sftp only, and jail into /home/arch/
>
> i don't know how to make it !
>
> with cvs i used /bin/grap as shell or /bin/cvssh.pl but i can't find the
> same thing for gnuarch repositories !
>
Maybe rssh or scponly are what you look for?

Package: rssh
Description: Restricted shell allowing only scp, sftp, cvs, rsync and/or rdist
 rssh is a restricted shell to be used as a substitute of the login
 shell to allow users to perform only scp/sftp/cvs/rsync,rdist
 operations.
 .
 The security implications are high, so the home directories have
 to be set following the instructions provided.

Package: scponly
Description: Restricts the commands available to scp- and sftp-users
 "scponly" is an alternative 'shell' (of sorts) for system
 administrators who would like to provide access to remote users to
 both read and write local files without providing any remote
 execution priviledges.  Functionally, it is best described as a
 wrapper to the mostly trusted suite of ssh applications.

HTH, Rotty
-- 
Andreas Rottmann         | address@hidden      | address@hidden | address@hidden
http://yi.org/rotty      | GnuPG Key: http://yi.org/rotty/gpg.asc
Fingerprint              | DFB4 4EB4 78A4 5EEE 6219  F228 F92F CFC5 01FD 5B62

Python is executable pseudocode, Perl is executable line-noise.