restrict ssh access
Paul Schmehl
pauls at utdallas.edu
Fri Apr 25 19:30:33 UTC 2008
--On Friday, April 25, 2008 16:41:07 +0000 D Hill <d.hill at yournetplus.com>
wrote:
> On Fri, 25 Apr 2008 at 09:30 -0700, cswiger at mac.com confabulated:
>
>> On Apr 25, 2008, at 6:46 AM, Geert Geurts wrote:
>>> I've got a server running a ssh server, I want to enable ssh for the use
>>> of sftp by a group of users, and limit their ssh access to just allow
>>> running passwd so they can change their default password. What whould be
>>> the best/easiest way to acomplish this, or something similiar?
>>
>> I wonder what would happen if you gave them a shell of "/usr/bin/passwd"...?
>> :-)
>
> That should work. I just tested. When an ssh connection is made, it executes
> passwd. As soon as the password is changed, the ssh connection was closed:
>
> %ssh -l asdf 192.168.1.50
> Password:
> ...
> Changing local password for asdf
> Old Password:
> New Password:
> Retype New Password:
> Connection to 192.168.1.50 closed.
Should make for some fascinating experiences with sftp. :-)
--
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
More information about the freebsd-questions
mailing list