Actually, the answer to that is "ssh". What I wanted to do was have a user be chroot'ed to their home directory when they logged into the server using secure shell and then only be able to telnet to another device from there. For what it's worth, here's what I've done to accomplish what I needed. I got the ideas from a couple places..... Don't know who to thank at this point since I've looked at about 100 pages :-) - got the latest version of bash, compiled it for my system (my current version of bash would not take the --restricted-mode option on startup, nor would it enter restricted mode when called as rbash) - installed the new bash as /usr/bin/rbash so that it comes up in "restricted mode" see http://uwsg.ucs.indiana.edu/usail/tasks/security/security.html#login - set the user's shell to /usr/bin/rbash - set the user's environment with .bash_profile, set root as the owner and perms to 644 - created a menu script that only allows them to telnet to a device OR logoff the system. any other action causes an immediate logout. There's probably hole somewhere in this but at least I've made it a little more difficult to do anything to my ssh server. Phil > I realized afterwards that you may have been asking about ssh and not sgi. > > Randolph J. Herber, [EMAIL PROTECTED]
