![](https://seccdn.libravatar.org/avatar/89c021a068f54050cbb065f93254b9b6.jpg?s=120&d=mm&r=g)
17 Mar
2005
17 Mar
'05
01:52
On Wed, 16 Mar 2005, David Truchan-contr wrote:
Hi Everyone,
I have a situation where I have users that need to connect to my server via ssh.
When they connect there presented with a menu that they can't break out of to obtain shell access.
However, I've noticed that there is nothing stopping a savy user from doing something like this:
cat somefile |ssh hostname "cat - > /somedir/file-with-weak-perms"
Aside from chrooting ssh, does anyone know of a clever way to avoid this scenario?
ssh forced commands. Requires keys (doesn't work with passwords).
--
Carpe diem - Seize the day.
Carp in denim - There's a fish in my pants!
Jon Nelson