Re: Such a question

You may want to check out scponly from http://www.sublimation.org/ssh/. I think this software may also be available from the FreeBSD ports tree.

Check out the last two sentences of the description, it seems that might apply to your needs:

"scponly" is an alternative 'shell' (of sorts) for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications.

A typical usage of scponly is in creating a semi-public account not unlike the concept of anonymous login for ftp. This allows an administrator to share files in the same way an anon ftp setup would, only employing all the protection that ssh provides. This is especially significant if you consider that ftp authentications traverse public networks in a plaintext format.

Instead of just a single anon user, scponly supports configuring potentially many users, each of which could could be set up to provide access to distinct directory trees. Aside from the installation details (see INSTALL), each of these users would have their default shell in /etc/passwd set to "/usr/local/sbin/scponly" (or wherever you choose to install it). This would mean users with this shell can neither login interactively or execute commands remotely. They can however, scp files in and out, governed by the usual unix file permissions.

On Wednesday, November 27, 2002, at 07:44 AM, Stephane JOURDAIN wrote:

> Is it possible to disable the 'cd' command from the sftp server in
Received on Mon Dec 2 10:06:45 2002