On Thu, 2003-03-20 at 15:54, Justin Zygmont wrote: > On 20 Mar 2003, Piero Calucci wrote: > > > On Thu, 2003-03-20 at 02:51, Dan G wrote: > > > How can I restrict which users have SSH access to a server? I did not > > > see any settings in sshd_config. Does this have to be done with Pam? If > > > so what files/settings are used? > > > > in sshd_config you can use AllowGroups, AllowUsers, DenyGroups & > > DenyUsers. See sshd_config(5) > > do you know if this can be used to root jail them? No it won't, but you can use rbash (ln -s /bin/bash /bin/rbash), and change the user's shell to /bin/rbash. Make sure that /bin/rbash is also listed in /etc/shells, especially if you want these users to be able to have ftp access. rbash restricts users to only executing commands available in $PATH, and will not allow them to cd around the filesystem. This is not 100% restricted though, as they can run ls and other commands, provided those commands are in $PATH, on other files/directories. -- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/psyche-list
