Re: allowing ssh login then allowing sftp only

You might want to take a look at the tool called scponly which can be found at http://sublimation.org/ssh/scponly/ or http://freshmeat.net/projects/scponly/

"for administrators that want to allow scp access without providing remote execution or interactive login priviledges."

features:

• logging: scponly logs time, client IP, username, and the actual request to syslog
• chroot: scponly can chroot to the user's home directory, disallowing access to the rest of the filesystem.
• sftp compatibility. my testing of sftp against an scponly user worked great. this is probably the cleanest and most usable way for an scponly user to access files. (of course, sftp is not ssh1 compatible.)
• WinSCP 2.0 compatibility
• rsync compatibility as a compile time option
• gFTP compatibility.
• security checks

On Friday, Mar 7, 2003, at 12:59 US/Pacific, Rick Patrick wrote:

> All,
>
> Can anyone help with the following situation:
Received on Mon Mar 10 18:52:43 2003