wenk-yahoo
2008-May-08 10:15 UTC
How can I support ssh; also at the same time, designate the commands can be found and executed?
Now I'm developing a embedded device program.I want to provide SSH for the
users.
I also want to limit users to browse and execute only my commamds .
Such as export/ls/find/cat/ fdisk/cd/rm/top/su etc., are forbidded[especially
'export '].
It looks like:
root at fedora8 /#ssh 192.168.0.6
then:
CLI>
CLI>allcmds
adduser deleteuser sessionlist sessionkill allcmds.....//all commands
are provided by me.
2008-05-08
wenk-yahoo
Peter Stuge
2008-May-08 12:39 UTC
How can I support ssh; also at the same time, designate the commands can be found and executed?
On Thu, May 08, 2008 at 06:15:04PM +0800, wenk-yahoo wrote:> I also want to limit users to browse and execute only my commamds .To limit file browsing you could disable the SFTP subsystem completely in sshd_config (comment out the line) or you could use a chroot directory for users, along with the sftp-internal subsystem introduced in 4.8p1. This directory would only contain the files that users are allowed to access.> root at fedora8 /#ssh 192.168.0.6 > > then: > > CLI> > CLI>allcmds > > adduser deleteuser sessionlist sessionkill allcmds.....//all commands are provided by me.This is probably easiest done by creating a custom shell. //Peter