03-01-2012
Restricting multiple users to run only sftp server
Hello,
can someone please provide steps, can I restrict a multiple users to only access only sftp on a server, to perform upload and download of files on their home directories.
1. I have updated their login shell as /sbin/nologin.
anything else do I need to update.
Thanks,
10 More Discussions You Might Find Interesting
1. Solaris
Hello,
I'm administrating new installed cluster that runs Legato Networker and Oracle 9. And I want to restrict the use of root to my self and givr the application and DBA the proper and needed privileges to do their duties without hassle in addition I would like to log users activities.
my... (0 Replies)
Discussion started by: sh_ksa
0 Replies
2. Solaris
I need to get multiple files from a windows server to a solaris server using sftp,
I tried it but only can get one file at a time ( I'm unable to use a wild card character using sftp) hoe do i do this.
any light on this is appreciated.
Ram. (3 Replies)
Discussion started by: ramky79
3 Replies
3. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
4. UNIX for Advanced & Expert Users
I'm using vsftpd which is being controlled by inetd.
I have a user that I want to only be able to connect from one specific IP address on the same internal network so I can backup files on a separate system.
Is this possible with TCP wrappers? I got the notion that it was because of a few... (4 Replies)
Discussion started by: mashiox
4 Replies
5. Linux
I am running a fedora core 13 server and I am having trouble with sftp. My users can connect to the server using SSH both using public key and password authentication. For some reason they are not able to connect using sftp.
I'l not sure what's going on. I ran sshd in debug mode and here's... (6 Replies)
Discussion started by: emildiego
6 Replies
6. Shell Programming and Scripting
how can i make my users to not use particular commands in the network
like:wall.......
pl z help me regarding this (1 Reply)
Discussion started by: yashwanthguru
1 Replies
7. SuSE
I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command
Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies
8. AIX
I want to know if there is any way to set up a users home directory access with a restricted shell and allow them to SFTP to the directory. I want to allow the user to SSH into their home directory but no where else on the AIX server. I also want the user to be able to SFTP files to their home... (1 Reply)
Discussion started by: daveisme
1 Replies
9. Red Hat
Hello,
I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration.
#pwd... (8 Replies)
Discussion started by: bobby320
8 Replies
10. Shell Programming and Scripting
I want to rename (move) multiple files on remote server. I tried the following command to move all TXT files from my_dir directory to /new_dir. But it does not work. Any help?
#!/bin/ksh
sftp -dev3 << ABC
cd my_dir
$(for i in TXT; do echo "ls *.$i" ; rename $x /new_dir/$x;... (1 Reply)
Discussion started by: Soham
1 Replies
LEARN ABOUT OSX
git-shell
GIT-SHELL(1) Git Manual GIT-SHELL(1)
NAME
git-shell - Restricted login shell for Git-only SSH access
SYNOPSIS
chsh -s $(command -v git-shell) <user>
git clone <user>@localhost:/path/to/repo.git
ssh <user>@localhost
DESCRIPTION
This is a login shell for SSH accounts to provide restricted Git access. It permits execution only of server-side Git commands implementing
the pull/push functionality, plus custom commands present in a subdirectory named git-shell-commands in the user's home directory.
COMMANDS
git shell accepts the following commands after the -c option:
git receive-pack <argument>, git upload-pack <argument>, git upload-archive <argument>
Call the corresponding server-side command to support the client's git push, git fetch, or git archive --remote request.
cvs server
Imitate a CVS server. See git-cvsserver(1).
If a ~/git-shell-commands directory is present, git shell will also handle other, custom commands by running "git-shell-commands/<command>
<arguments>" from the user's home directory.
INTERACTIVE USE
By default, the commands above can be executed only with the -c option; the shell is not interactive.
If a ~/git-shell-commands directory is present, git shell can also be run interactively (with no arguments). If a help command is present
in the git-shell-commands directory, it is run to provide the user with an overview of allowed actions. Then a "git> " prompt is presented
at which one can enter any of the commands from the git-shell-commands directory, or exit to close the connection.
Generally this mode is used as an administrative interface to allow users to list repositories they have access to, create, delete, or
rename repositories, or change repository descriptions and permissions.
If a no-interactive-login command exists, then it is run and the interactive shell is aborted.
EXAMPLE
To disable interactive logins, displaying a greeting instead:
$ chsh -s /usr/bin/git-shell
$ mkdir $HOME/git-shell-commands
$ cat >$HOME/git-shell-commands/no-interactive-login <<EOF
#!/bin/sh
printf '%s
' "Hi $USER! You've successfully authenticated, but I do not"
printf '%s
' "provide interactive shell access."
exit 128
EOF
$ chmod +x $HOME/git-shell-commands/no-interactive-login
To enable git-cvsserver access (which should generally have the no-interactive-login example above as a prerequisite, as creating the
git-shell-commands directory allows interactive logins):
$ cat >$HOME/git-shell-commands/cvs <<EOF
if ! test $# = 1 && test "$1" = "server"
then
echo >&2 "git-cvsserver only handles "server""
exit 1
fi
exec git cvsserver server
EOF
$ chmod +x $HOME/git-shell-commands/cvs
SEE ALSO
ssh(1), git-daemon(1), contrib/git-shell-commands/README
GIT
Part of the git(1) suite
Git 2.17.1 10/05/2018 GIT-SHELL(1)