Solved

disable ssh access

Posted on 2010-09-23
6
1,046 Views
Last Modified: 2013-12-07
I have a centos5 server that i need to give a user access to. The server houses lots of sensitive info that I don't want to the user to be able to see. All I want them to be able to do is rsync their data out of their home directory and onto their local machine. I suppose there are many ways to do this, but i'm hoping there's an easy/str8 fwd way to do it.
0
Comment
Question by:machrisod
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 11

Expert Comment

by:willettmeister
ID: 33745888
use the /etc/hosts.allow file and set it up so that you can only ssh from your network.
0
 

Author Comment

by:machrisod
ID: 33755759
is there a way to give them ssh but limit the commands they can run to just a few?
0
 
LVL 11

Expert Comment

by:willettmeister
ID: 33756086
You can give them ssh and then limit their access to the files system by having them use sudo.  That way they would only have access to the files they own and then what ever commands they are allowed to run that you specify in the sudoers file.
0
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

 

Accepted Solution

by:
machrisod earned 0 total points
ID: 33756177
Thanks, but I just found a more elegant solution using rssh.

1) install rssh if you don't have it.
For ex on centos:
# wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.i386.rpm
# rpm -ivh rssh-2.3.2-1.2.el5.rf.i386.rpm
or ubuntu
$ sudo apt-get install rssh

2) add a user or mod an existing one to use rssh
new user:
# useradd -m -d /home/didi -s /usr/bin/rssh dickie
# passwd dickie
user mod:
# usermod -s /usr/bin/rssh dickie

3) tell rssh which commands can be run by users limited to rssh shell. Comment out lines like "allowrsync".
$ sudo vi /etc/rssh.conf

prettymuch i rule.

smell it.

-cap'n m@
0
 
LVL 11

Expert Comment

by:willettmeister
ID: 33756808
well with an attitude like that don't expect any more comments from me.
0
 

Author Comment

by:machrisod
ID: 33756969
thanks for the useful comment willettmeister. why is EE so full of people that cannot joke or have any fun whatsoever? did i miss the bitter personality questionnaire? i in NO way meant anything against you. i even said thanks. i just happened to answer my own question which seems common on this site. my joking attitude was towards the site not towards you. have a sweet day filled with rainbows, bro.

-me!
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Does your audience prefer people in photos or no people? How can you best highlight what you’re selling? What are your competitors doing, and what can you do that is different and unique from them?  Continue reading to learn how to make your images …
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
The viewer will learn how to dynamically set the form action using jQuery.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question