similar to: rsync over ssh without giving the user access to a shell?

Displaying 20 results from an estimated 10000 matches similar to: "rsync over ssh without giving the user access to a shell?"

2002 May 22
4
restricting rsync over ssh
Is it true that when running rsync via ssh (i.e. rsync -e ssh ...) the rsyncd.conf file is not applicable on the remote since rsync is launched via the ssh exec call once connected rather than from rsyncd as in a direct connect. If so, I am trying to find the best way to restrict rsync -e ssh on the remote machine. Prepending the authorized_keys entry with command='rsync ...' 1024...
2003 Jan 05
2
restricting rsync over ssh on the server side.
I was wondering if it's possible to restrict rsync in various ways on the server side when it is invoked via ssh. Two restrictions I had in mind are disallowing deletes and/or restricting all actions to a particular subdirectory. I was hoping to be able to do this without having to be root (for a chroot) or having to set up special sshd server instances/chroots. If there's not already a
2006 Sep 04
1
Rsync + SSH on a different port + restricted access
Hello, I'm trying to setup Rsync over SSH with openSSH running port 2222 with a remote RSA public key authentification and a restricted shell to avoid the user to browse my server via SSH, only be able to run rsync server. 1) i've built a regular rsync server over TCP/873 Worked fine, check my conf : motd file = /etc/rsyncd.motd log file = /var/log/rsyncd.log pid
2003 Apr 17
1
Running an rsync server over a remote shell program
Hi, I'm having problems with the command= syntax in the authorized_keys file. I'm running rsync 2.5.6. I've searched the list archives for "authorized_keys" and "protocol version mismatch", but I can't seem to derive a solution from those threads. Simply put, my goal is to let a group of 15 to 20 users update a set of files in a single user account on a
2003 Dec 04
1
rsync documentation for "--server" option?
Hello, The rsync man page shows example invocations that use the "--server" option. I could not find documentation for this option (a) in the man page (b) in the HTML man page on the website (c) in the "--help" help. I therefore found these examples to be confusing. Is there anywhere where I can find documentation for the "--server" option? As a result of not
2005 Jun 09
1
need good wrapper
I'm having trouble with the rsync wrapper's I've found online: rsync_wrapper[8458]: SSH_ORIGINAL_COMMAND environment variable apparently not set rsync: connection unexpectedly closed (0 bytes read so far) rsync error: error in rsync protocol data stream (code 12) at io.c(189) I'm not sure if this is a problem of incompatibility between my RHES3 and the wrappers I've found or
2010 Apr 06
2
rsync over ssh, multiple private keys sharing same UID, chroot
I am thinking of configuring a service where multiple users have their own private keys to do rsync over ssh. I don't want each of these users to have their own UID. I want them each to share a UID, but to have space on the ssh server isolated from any other user. Let us assume that I also wish to prevent them from using any service other than rsync. Is this possible? Is a sensible approach
2015 Jan 21
4
way to set shell used for remote commands?
On Wed, Jan 21, 2015 at 17:29:00 +0000, Alex Bligh wrote: > > On 21 Jan 2015, at 15:36, Jason Vas Dias <jason.vas.dias at gmail.com> wrote: > > > Please can OpenSSH provide some way of specifying which shell to use to > > execute commands on a host. > > Using dash as an example of another shell: > > ssh 127.0.0.1 -t dash > > and > >
2011 Apr 13
1
Server mode and rsyncd.conf
When rsync is used in remote-shell server mode, the documentation says: "Rsync supports connecting to a host using a remote shell and then spawning a single-use "daemon" server that expects to read its config file in the home dir of the remote user." I have been trying to make rsync read a config file (which I presume should be named rsyncd.conf) in the home directory of the
2018 Oct 18
1
Security issues when rsyncing directories as root
Hi, I am using rsync to keep two directores on two servers in sync. Machine A, the "client" is the one where the rsync process is invoked, which then logs into Machine B, the "server" as root with ssh and a key. The key is restricted in /root/.ssh/authorized_keys to a script that checks wither $SSH_ORIGINAL_COMMAND matches the rsync --server command that I expect, such as, for
2012 Sep 11
1
setup git in my godaddy server
Hello everyone, I know this is not correct place to ask this question but please help if you know As mentioned some tutorial, i install git version 1.7.3.4 in home directory (/var/chroot/home/content/xx/xxxxxxx/git). then I initialize git repository by git init --bare in my samplerepo.git then i add code in .bashrc file as follow export GIT_BIN=${HOME}/git export
2003 Mar 13
3
SSH command when uploading files
Hello I've searched quite a bit, but have so far been unsuccessful in finding an answer to a question I have concerning the upload of files via rsync over SSH. When downloading, I have been able to make use of SSH's benefits, yet still keep the rsync server safe from a shell accessible with a private SSH key lacking a passphrase by restricting the public key used by the rsync client to
2004 Sep 20
2
problem with R CMD build (PR#7240)
Hello, This may not be a bug--but I'm not sure. I have R 1.91 installed on a machine that's running Windows XP. In Cygwin, when I attempt to use the "build" command it tells me that TMPDIR is set to an invalid directory. See the results below: stat20:/cygdrive/d/dirk/bands/implementation -> which r /cygdrive/d/Programs/R/rw1091/bin/r
2004 Sep 20
0
RE: problem with R CMD build--FIXED (PR#7241)
> I'm puzzled. One thing I'd try would be to get Cygwin out of the picture, > at least for a moment. Try to set TMPDIR (and maybe TMP and TEMP) to > C:\Temp, > and try to run the whole thing from a "DOS" Cmd.exe window. Here it is: D:\dirk\bands\implementation>set TMPDIR=d:\tmp D:\dirk\bands\implementation>echo %TMPDIR% d:\tmp
2020 Oct 21
6
"Semi-Trusted" SSH-Keys that also require PAM login
Hello all, in order to connect to my SSH servers from untrusted devices like company computers or my smartphone, I set up 2FA with google-authenticator hooked into PAM. However, this is not really 2FA at least for the smartphone, since I use the same device for generating the TANs and it is also at least inconvenient to always require a new TAN for each connection. I do not want to solely rely
2003 May 09
3
Windows 2000 Profiles Through Freeswan VPN
Hello, I have setup a samba server at my office as a PDC it stores the profiles on the server fine. I can access the profiles from any computer in the office just fine. My problem is that I work from home 4 days a week and need to access my work profile. I currently VPN into the office network via freeswan. I can log into the the domain from the vpn'd connection and I can access the samba
2012 Jun 29
0
IAX Trunk issue. (Dale Noll
Dale, Sorry for taking so long to answer, I've been traveling. Thanks so much for the suggestion, your solution worked perfectly. I'm not sure why I didn't notice that the IAX trunk was working in the other direction. Once again, thanks for your help. Mitch Date: Mon, 25 Jun 2012 05:44:37 -0500 From: Dale Noll <dnoll at wi.rr.com> Subject: Re: [asterisk-users] IAX Trunk
2017 Mar 08
2
Logging with ForceCommand and SCP
Hello List, I'am using the ForceCommand in my sshd configuration to log all the user actions on my device. ForceCommand /usr/bin/log-session.sh The Log Session Script itself is working fine for logging. But now I want also use SCP to copy files and this won't work together with the ForceCommand above. The copied file is created but its zero byte on the target. scp file.tar.gz
2009 Sep 15
2
best method to format output of frequency table
I have some security alert log data that I'm parsing and doing some stats on. One of the fields is the "Classtype" which is the enumerated value of the type of alert found. classtypes = factor( alerts$Classtype ) fclass_types = table( classtypes ) fclass_types gives me a frequency table of the intrusion types: fclass_types classtypes
2014 Feb 05
1
Make SSH_ORIGINAL_COMMAND available in AuthorizedKeysCommand context
Hi Using SSH_ORIGINAL_COMMAND in AuthorizedKeys is so helpful, I'd like to know if it might be possible to access it in the AuthorizedKeysCommand context (via env ?). Is this possible ? can anybody give me advice on going into this ? If possible, I'll use this SSH_ORIGINAL_COMMAND to send client specifics information to the AuthorizedKeysCommand script. Currently, the only alternative