对于user用户,登录SSH后不可使用端口转发,而且只能访问/bin/reshell这个Shell程序,不可以运行其他程序。
对于netadmin用户,登录SSH后不可以使用某些命令(Bash Shell)。
SSH服务如何限制登录的用户使用某些功能?
-
okudayukiko0
- 帖子: 25
- 注册时间: 2016-02-06 21:54
- 系统: Windows 7
-
onlylove
- 论坛版主
- 帖子: 5230
- 注册时间: 2007-01-14 16:23
Re: SSH服务如何限制登录的用户使用某些功能?
我记得/etc/passwd里面可以指定用户shell来着?不过貌似是不管什么方式登录,都是那个shell
#include <stdio.h>
void main()
{
double world;
unsigned letter;
short stay;
long memories;
printf("I miss you.\n");
}
void main()
{
double world;
unsigned letter;
short stay;
long memories;
printf("I miss you.\n");
}
-
poloshiao
- 论坛版主
- 帖子: 18279
- 注册时间: 2009-08-04 16:33
Re: SSH服务如何限制登录的用户使用某些功能?
參閱
1. http://askubuntu.com/questions/48129/ho ... forwarding
How to create a restricted SSH user for port forwarding?
The new user must not be able to:
execute shell commands
access files or upload files to the server
use the server as proxy (e.g. webproxy)
access local services which were otherwise not publicly accessible due to a firewall
kill the server
2. http://cybermashup.com/2013/05/14/restr ... e-command/
Restrict SSH logins to a single command
1. http://askubuntu.com/questions/48129/ho ... forwarding
How to create a restricted SSH user for port forwarding?
The new user must not be able to:
execute shell commands
access files or upload files to the server
use the server as proxy (e.g. webproxy)
access local services which were otherwise not publicly accessible due to a firewall
kill the server
2. http://cybermashup.com/2013/05/14/restr ... e-command/
Restrict SSH logins to a single command