[plug] Allow SSH but deny SFTP?
andrew.furey at gmail.com
Thu Jul 20 17:04:29 AWST 2017
Hi all, long time no post...
I have a requirement for users to have full user-level SSH access (their
profile then launches a full-session application and logs out at the end;
they don't have shell access within this application so it's safe enough to
just allow as normal).
I want to restrict ability to use SFTP to trundle through the filesystem.
However I would like to still allow it for root (grand prize being other
specified users if possible too) so I can't just turn the Subsystem itself
off... can I?
I don't think I can use the internal-sftp and then chroot it (which would
probably also be sufficient) as the requirement for 755 root:root on the
home directory and above will most likely break the intended application.
Linux supports the notion of a command line or a shell for the same
reason that only children read books with only pictures in them.
Language, be it English or something else, is the only tool flexible
enough to accomplish a sufficiently broad range of tasks.
-- Bill Garrett
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the plug