Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-12-2005, 12:23 PM
|
#1
|
Member
Registered: Apr 2005
Location: India
Posts: 32
Rep:
|
ssh
hello,
I know that ssh by other user to my remote machine with root access can allow user to use all resources to remote machine.
but is there any way i can prevent a ssh user to my machine with root access not to copy/write to my directory but read only files/directories. consider i am asking this as a remote user with root access who want to prevent allowed ssh connections to copy my data to his machine.
|
|
|
10-12-2005, 12:31 PM
|
#2
|
LQ Newbie
Registered: Jan 2004
Distribution: Mandrake 9.2
Posts: 4
Rep:
|
Allowing root user log in
Allowing a user to log in via ssh with root permissions is equivalent to allowing a user to log in at the keyboard with root permissions. A root user can essentially do anything because they can change any permissions you set.
The only way I can think of to allow root access to your machine while still protecting the data would be to encrypt whatever data you are want to restrict access to, without saving the encryption key anywhere on the system.
A better solution would be to create a new user for the person who you want to allow access to and restrict this person's access to only the data and programs you are comfortable with them using.
Hope this helps,
Adam
|
|
|
10-12-2005, 09:29 PM
|
#3
|
Member
Registered: Feb 2005
Location: Canada
Distribution: Debian Etch - Enlightenment E17
Posts: 116
Rep:
|
Re: ssh
Quote:
Originally posted by linetnew
hello,
I know that ssh by other user to my remote machine with root access can allow user to use all resources to remote machine.
but is there any way i can prevent a ssh user to my machine with root access not to copy/write to my directory but read only files/directories. consider i am asking this as a remote user with root access who want to prevent allowed ssh connections to copy my data to his machine.
|
Just don't allow root access via ssh. Make the user login as an ordinary user. If that user then needs root access, s/he can su to root if s/he has root's password.
Cheers.
|
|
|
10-13-2005, 07:29 PM
|
#4
|
Senior Member
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549
Rep:
|
Quote:
If that user then needs root access, s/he can su to root if s/he has root's password.
|
If he/she can do that then they can read/write linetnew's home directory.
linetnew there is no way to do what you're asking - the definition of the root user is a user that can do anything. You can protect your private data using encryption as adamglauser said.
|
|
|
All times are GMT -5. The time now is 11:14 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|