On Mon, 20 Dec 2021 12:15:01 +0100 Stefan Baur <x2go-m...@baur-itcs.de> wrote:
> In short: forget about it. If you're allowing users SSH access for > X2Go, they WILL be able to copy data. You can make it a little harder > for them if you think you have to, but as long as they are in control > of the client hardware, they will always be able to do so. I have no complete answer to it, but if you use keys instead of user/pass then you will be able to restrict ssh in ~/.ssh/authorized_keys from="1.2.3.4,2.3.4.5,9.8.7.6",no-port-forwarding,command="/path/to/script",no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa <key> (all in 1 line) This is an example of what I use here, I think there must be many other options available. see "man authorized_keys" HTH R. -- richard lucassen http://contact.xaq.nl/ _______________________________________________ x2go-user mailing list x2go-user@lists.x2go.org https://lists.x2go.org/listinfo/x2go-user
