On Fri, Apr 25, 2008 at 07:50:47PM +0000, D Hill wrote:
> On Fri, 25 Apr 2008 at 14:30 -0500, [EMAIL PROTECTED] confabulated:
>> --On Friday, April 25, 2008 16:41:07 +0000 D Hill <[EMAIL PROTECTED]>
>>> On Fri, 25 Apr 2008 at 09:30 -0700, [EMAIL PROTECTED] confabulated:
>>>> On Apr 25, 2008, at 6:46 AM, Geert Geurts wrote:
>>>>> I've got a server running a ssh server, I want to enable ssh for the use
>>>>> of sftp by a group of users, and limit their ssh access to just allow
>>>>> running passwd so they can change their default password. What whould be
>>>>> the best/easiest way to acomplish this, or something similiar?
>>>> I wonder what would happen if you gave them a shell of
>>> That should work. I just tested. When an ssh connection is made, it
>>> passwd. As soon as the password is changed, the ssh connection was closed:
>>> %ssh -l asdf 192.168.1.50
>>> Changing local password for asdf
>>> Old Password:
>>> New Password:
>>> Retype New Password:
>>> Connection to 192.168.1.50 closed.
>> Should make for some fascinating experiences with sftp. :-)
> I believe the connecton would just close. Somehow I missed that sftp part :-(
One more thing: you'll have to set r-x permissions for /usr/libexec/sftp-server
To summarize, you'll have to set r-x permissions for the user's shell, passwd
utility and sftp-server.
All other executables can be denied access...
> email@example.com mailing list
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"