Subject: Re: Secure Shell now in mainline
To: John Nemeth <jnemeth@victoria.tc.ca>
From: Jaromír Dolecek <dolecek@ibis.cz>
List: current-users
Date: 10/26/2000 11:14:33
John Nemeth wrote:
> - staff accounts can do anything
> - user accounts aren't allowed access to dot files (this is for scp)
> - user accounts shouldn't be allowed access to files outside their home
> directories, except for a configured list of directories (this is for
> scp)
> - an alternative to the above two requirements would be to disable scp
> access for user accounts
> - user accounts aren't allowed to run arbitrary programs (i.e. no ssh,
> just slogin)
I think this should not be too hard to do with any ssh using
properly hacked $HOME/.ssh/config or $HOME/.ssh/rc or $HOME/.ssh/environment.
Jaromir
--
Jaromir Dolecek <jdolecek@NetBSD.org> http://www.ics.muni.cz/~dolecek/
@@@@ Wanna a real operating system ? Go and get NetBSD, damn! @@@@