Hi Everyone,

I have a situation where I have users that need to connect to my server via ssh. When they connect they're presented with a menu that they can't break out of to obtain shell access. However, I've noticed that there is nothing stopping a savvy user from doing something like this:

cat somefile |ssh hostname "cat - > /somedir/file-with-weak-perms"

Aside from chrooting ssh, does anyone know of a clever way to avoid this scenario?

TIA,
Dave
The Wednesday 2005-03-16 at 20:12 -0500, David Truchan-contr wrote:
> However, I've noticed that there is nothing stopping a savvy user from doing something like this:
> cat somefile |ssh hostname "cat - > /somedir/file-with-weak-perms"
> Aside from chrooting ssh, does anyone know of a clever way to avoid this scenario?
You could define their default shell to be rbash. It does not allow changing directory. Check the man page for more info. There are other restricted shells.

I don't know how scp or sftp are affected, however.

--
Cheers,
Carlos Robinson
On Wed, 16 Mar 2005, David Truchan-contr wrote:
> Hi Everyone,
> I have a situation where I have users that need to connect to my server via ssh.
> When they connect they're presented with a menu that they can't break out of to obtain shell access.
> However, I've noticed that there is nothing stopping a savvy user from doing something like this:
> cat somefile |ssh hostname "cat - > /somedir/file-with-weak-perms"
> Aside from chrooting ssh, does anyone know of a clever way to avoid this scenario?
ssh forced commands. Requires keys (doesn't work with passwords).
--
Carpe diem - Seize the day.
Carp in denim - There's a fish in my pants!
Jon Nelson
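
The forced-command approach suggested in the reply above, as an added example that is not part of the original thread: a wrapper bound to a user's key that starts the menu for a plain login and refuses any command the client supplies. The names `menu-gate` and `/usr/local/bin/menu`, and the `authorized_keys` line in the comments, are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Assumed install path: /usr/local/bin/menu-gate
# Bound to a user's key in ~/.ssh/authorized_keys (key material is a placeholder):
#   restrict,pty,command="/usr/local/bin/menu-gate" ssh-ed25519 <PUBLIC-KEY-PLACEHOLDER> user
# "restrict" (OpenSSH 7.2+) turns off forwarding and pty; "pty" gives the menu a terminal back.

MENU=${MENU:-/usr/local/bin/menu}    # hypothetical menu program

# sshd runs the forced command instead of whatever the client asked for and
# passes the client's request in SSH_ORIGINAL_COMMAND (empty for a plain login).
# scp ("scp -t /path") and sftp subsystem requests arrive the same way.
# Prints "menu" for a plain login and "deny" for anything else.
classify_request() {
    if [ -n "$1" ]; then
        echo deny
    else
        echo menu
    fi
}

# Entry point: refuse and log remote commands, otherwise replace this
# process with the menu so there is no parent shell to fall back into.
gate() {
    if [ "$(classify_request "${SSH_ORIGINAL_COMMAND:-}")" = deny ]; then
        logger -t menu-gate "denied for ${USER:-unknown}: $SSH_ORIGINAL_COMMAND" 2>/dev/null || true
        echo "Remote commands are not permitted on this account." >&2
        return 1
    fi
    exec "$MENU"
}

# Run only when installed under its real name, so the functions can be
# sourced or tested without starting the menu.
case "$0" in
    */menu-gate) gate ;;
esac
```

The restriction lives in `authorized_keys`, so that file must be owned and writable only by the administrator, otherwise the user can remove the `command=` option.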