scponly restricts users to SCP and SFTP logins by acting itself as a shell and this disables SSH logins. This allows using Filezilla or 'scp' tool to transfer files but restrict SSH logins via SSH clients.
Debian has this package as 'scponly'. TO install it:
# apt-get install scponly
Since, we will not be chrooting users, suid binary is not required. So, select no to:
Install the chrooted binary /usr/sbin/scponlyc SUID root? <-- No
For existing users, do:
# usermod -s /usr/bin/scponly username
To create a new user with scponly:
# useradd -m -s /usr/bin/scponly username
# passwd username
0 comments:
Post a Comment