The Wednesday 2005-01-12 at 09:05 -0000, Andrew Brown wrote:
Define his shell to be rbash, and then he will not be able to change directory or execute something not in his path.
Is there a zsh equivalent? I will certainly do something like this.
I dunno. But looking up the info page, I see: Invocation * Compatibility:: * Restricted Shell:: Restricted Shell ================ When the basename of the command used to invoke zsh starts with the letter `r' or the `-r' command line option is supplied at invocation, the shell becomes restricted. Emulation mode is determined after stripping the letter `r' from the invocation name. The following are disabled in restricted mode: So the answer is yes ;-) I think you simply have to hardlink rzsh to zsh - as a matter of fact, bash uses the same trick: lrwxrwxrwx 1 root root 9 2004-08-15 14:04 /usr/bin/rbash -> /bin/bash* Well, with a softlink.
Ah. thanks. I now realise that I have to throttle his conneciton, or else my cable modem downloads sto working properly. Is there any way to throttle outgoing ssh connections easily?
I'm not familiar with traffic shaping, I don't know. Perhaps if he uses a fixed IP :-? - in that case, I would also restrict the firewall so that it is only possible to use ssh from that IP. -- Cheers, Carlos Robinson