LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-12-2005, 12:23 PM   #1
linetnew
Member
 
Registered: Apr 2005
Location: India
Posts: 32

Rep: Reputation: 15
ssh


hello,
I know that ssh by other user to my remote machine with root access can allow user to use all resources to remote machine.
but is there any way i can prevent a ssh user to my machine with root access not to copy/write to my directory but read only files/directories. consider i am asking this as a remote user with root access who want to prevent allowed ssh connections to copy my data to his machine.
 
Old 10-12-2005, 12:31 PM   #2
adamglauser
LQ Newbie
 
Registered: Jan 2004
Distribution: Mandrake 9.2
Posts: 4

Rep: Reputation: 0
Allowing root user log in

Allowing a user to log in via ssh with root permissions is equivalent to allowing a user to log in at the keyboard with root permissions. A root user can essentially do anything because they can change any permissions you set.

The only way I can think of to allow root access to your machine while still protecting the data would be to encrypt whatever data you are want to restrict access to, without saving the encryption key anywhere on the system.

A better solution would be to create a new user for the person who you want to allow access to and restrict this person's access to only the data and programs you are comfortable with them using.

Hope this helps,
Adam
 
Old 10-12-2005, 09:29 PM   #3
NoStop
Member
 
Registered: Feb 2005
Location: Canada
Distribution: Debian Etch - Enlightenment E17
Posts: 116

Rep: Reputation: 15
Re: ssh

Quote:
Originally posted by linetnew
hello,
I know that ssh by other user to my remote machine with root access can allow user to use all resources to remote machine.
but is there any way i can prevent a ssh user to my machine with root access not to copy/write to my directory but read only files/directories. consider i am asking this as a remote user with root access who want to prevent allowed ssh connections to copy my data to his machine.
Just don't allow root access via ssh. Make the user login as an ordinary user. If that user then needs root access, s/he can su to root if s/he has root's password.

Cheers.
 
Old 10-13-2005, 07:29 PM   #4
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
Quote:
If that user then needs root access, s/he can su to root if s/he has root's password.
If he/she can do that then they can read/write linetnew's home directory.

linetnew there is no way to do what you're asking - the definition of the root user is a user that can do anything. You can protect your private data using encryption as adamglauser said.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 03:50 AM
[SSH] Issue logging in [SSH & Permissions] MD3 Linux - Networking 11 12-10-2006 10:25 AM
Mac OS X ssh client / linux sshd : ssh hangs/disconnects Apollo77 Linux - Networking 1 05-24-2006 12:53 PM
I turned off SSH, but I cant get it back! How do you start SSH on boot? nmoog Slackware 2 02-08-2004 06:18 PM
ssh issue: /usr/bin/ssh -x -oFallBackToRsh no -l WeNdeL Linux - Software 1 03-04-2003 08:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration