On 08/13/2018 08:06 AM, Didier Kryn wrote:
> But allowing ssh connections with a restricted shell permitting only
> the commands used by rsync could be the way. But you would probably need
> to forbid the fancy features of ssh, like port forwarding.
If they use SSH keys (and only keys) for authentication then rsync
restrictions can be set in the authorized_keys file but requires a bit
of fiddling to get the right options. Running rsync with the SSH client
in verbose mode gives you the details needed to set in the key file:
rsync -e 'ssh -v' -avH /some/source/dir u@there:/some/dir/
Then see 'command="command"' in the AUTHORIZED_KEYS FILE FORMAT section
of the manual page for sshd(8) for that.
Once done, that is rather solid on its own but could still be used in
conjunction with a restricted shell. The prerequisite is for a locked
down SSH key is that the group of users to be affected doesn't have
access the authorized keys files. The accounts need to be able to read
their own own keys but not write them. And perhaps it is best if it
cannot read the keys for other accounts.
Match Group lockedin
AuthorizedKeysFile /etc/ssh/keys/%u/authorized_keys
Or something similar if you are more careful with the file permissions.
Match Group lockedin
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
What scale are you looking at, 10s, 100s, 1000s, or more?
/Lars
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
