All geek questions in one place

SSH limit - bash without commands

So, I have been working on this for a while. I would like to know if there is a better way or if I am on the right track.

Basically, I would like to allow some users to connect to my server via SSH, and then have a squid tunnel through this SSH connection.

However, the tricky part is that I do not want these users to be able to execute ANY commands. I mean NOTHING at all.

So, at this point I installed Jail via - jailkit. Then a specific user is put in jail and gets a bash shell as a shell.

The next step is to delete all the commands in the / jail / bin / directories, etc. directory so that they cannot execute any commands.

Am I on the right track here? What would you suggest?

Also ... I see that he will give them many commands, no errors found ... how to remove them.

Is there any other shell I could look at to give them something so that they would not do anything?

+3
source share
1 answer

You can set your shell to something like / bin / true or maybe to a simple script that will output an informational message and then run using ssh -N (see the ssh man page). I believe that this allows them to use port transfer without having a servo in the case.

EDIT:

The ssh -N equivalent in PuTTY checks the "Do not run shell or command at all" checkbox on its SSH configuration tab (Connection-> SSH).

EDIT2:

script, . Ctrl-C, . :

#!/bin/sh

echo "DNSH: Do-Nothing Shell"

while sleep 3600; do :; done

( ), ssh -N .

+2

Source: https://habr.com/ru/post/1776835/

More articles:


All Articles