Differences between current version and previous revision of SCPOnly.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 3 | Last edited on Monday, September 22, 2008 12:09:51 pm | by LawrenceDoliveiro | |
| Older page: | version 2 | Last edited on Friday, October 1, 2004 10:22:47 am | by JohnMcPherson | Revert |
@@ -6,9 +6,9 @@
;__what is scponly?__: "scponly" is an alternative 'shell' (of sorts) for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution privileges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications.
;:A typical usage of scponly is in creating a semi-public account not unlike the concept of anonymous login for ftp. This allows an administrator to share files in the same way an anon ftp setup would, only employing all the protection that ssh provides. This is especially significant if you consider that ftp authentications traverse public networks in a plaintext format.
-Use 'chsh(1)' to set someone's login shell to be scponly, and then that user can use scp but not get an interactive shell.
+Use 'chsh(1)' to set someone's login shell to be scponly, and then that user can use scp but not get an interactive shell. You may also want to put them in a chroot(8) jail to prevent them snooping around your system (see ChrootNotes)
.
Your package management probably has this - Debian users can 'apt-get install scponly'.
__See Also:__
