LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-08-2012, 09:12 PM   #1
piman
LQ Newbie
 
Registered: Aug 2011
Location: DC
Posts: 5

Rep: Reputation: Disabled
Prevent certain groups/users from running commands, but give them an ssh terminal


Hello,
I need to prevent a group of users (ssh-tun) from executing any commands. They still need to have ssh access so that they can use an ssh tunnel, but without being able to do anything to my ec2 box. Any suggestions or solutions would be much appreciated!
Thank you in advance!
 
Old 03-08-2012, 09:36 PM   #2
EricTRA
Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290
Hello,

If you use key based authentication you could use the 'Forced command' option in association with a user's key. You could stipulate one command or point to a script where you provide 'enabled' commands. I don't know if it would still allow tunneling, you'll need to try that. Have a look at this site for some detail.

Kind regards,

Eric
 
Old 03-09-2012, 09:00 AM   #3
piman
LQ Newbie
 
Registered: Aug 2011
Location: DC
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thank you for the article, i figured it out using that site. I wrote a copied their script also, to give user the date, and I can add anything else I want them to be able to do. The key to making this work is to put 'command="blank/blank"' on the same line, before the key that you want it to apply to
 
Old 03-09-2012, 01:07 PM   #4
EricTRA
Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290
Hi,

Glad it was of help. If you consider your problem solved then please mark this thread as such.

Kind regards,

Eric
 
  


Reply

Tags
commands, ssh, tunnel


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
make commands keep running after leaving a terminal session or ssh session Danny3031 Programming 18 01-30-2012 11:29 AM
Terminal commands running behind the GUI Suhail Sherif Linux - Newbie 1 01-10-2010 01:25 PM
prevent users from running 'su' manudath Linux - Security 5 04-28-2005 02:03 PM
Prevent users from running su Itzac Linux - Security 13 03-25-2003 04:25 PM


All times are GMT -5. The time now is 08:03 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration