"William H. Geiger III" <[EMAIL PROTECTED]> writes:
> >> Can this be set up so the ssh client only has access to the CVS
> >> server and not the entire system?
>
> >It could, but do you really trust cvs itself to be completely free of
> >security holes and such? I don't. I'd suggest finding another way to do
> >what you want instead of this.
>
> Well now I am getting conflicting info on the capabilities of SSH. Setting
> aside the CVS issue is it possible to set up SSH so I can restrict a
> subset of users to specific ports on the machine?
Not easily, but you *can* easily restrict certain users to certain
programs. However, as I've noted, cvs itself is not very secure. I'm
not sure I would trust the overall resulting setup.
If the goal is simply to permit widespread authenticated access to the
sources, perhaps other methods would work better.
Perry
