Bj�rn Lindstr�m wrote:
"Matthias F. Brandstetter" <[EMAIL PROTECTED]> writes:
I have a question to all of you: What do you think, which would be the
"best", ie. "most secure" access to a webserver, so that users can
update their sites?
To be more specific: I can't allow ssh login for most of this users
for several reasons, that's why I set /bin/false as login shell for
them. Ok, so no ssh, no ftp (sidenote: I hate [S]FTP[S] for several
reasons, ee. firewall issues and so forth).
Use ssh with a restricted shell. Restrict them to sftp only. Firewall
issues? Fix the firewall.
AFAIK restricted shell (bash -r) doesn't work anymore, use jail insted
--
[EMAIL PROTECTED] mailing list
