HPE Community
Operating System - Tru64 Unix
1754362 Members
4840 Online
108813 Solutions
New Discussion юеВ

SCP Only between TRU64 Machines

 
Premjith Nair
Occasional Advisor

тАО01-10-2006 09:22 PM

тАО01-10-2006 09:22 PM

SCP Only between TRU64 Machines

I have configured scp from One TRU64 machine to another without prompting for Password. I want to restrict the user to use only scp command & should not be able to login using ssh interactively.

Though in the authorization file, the command restriction script is added, SSH@_ORIGINAL_COMMAND Environment Variable is not getting set when remote command is executed.

Anybody has done command restriction option using SSH2.
VMS is the best
0 Kudos
3 REPLIES 3
Ivan Ferreira
Honored Contributor

тАО01-10-2006 11:08 PM

тАО01-10-2006 11:08 PM

Re: SCP Only between TRU64 Machines

You could add a line in the /etc/profile that checks if the UID match that specific user, then runs the exit command.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Aco Blazeski
Regular Advisor

тАО01-15-2006 07:37 PM

тАО01-15-2006 07:37 PM

Re: SCP Only between TRU64 Machines

HI Nair,

Set the /usr/bin/ssh-dummy-shell as default shell for the scp user.

/usr/bin/ssh-dummy-shell is for commercial version of ssh, which I believe you have on your system.

Regards,
0 Kudos
Premjith Nair
Occasional Advisor

тАО01-16-2006 03:57 PM

тАО01-16-2006 03:57 PM

Re: SCP Only between TRU64 Machines

This is made working after adding
"command /usr/bin/sftp-server" in the authorization file.

Though the Man page shows the command syntax
as 'command="command", this was not working.

Thanks for your replies.

VMS is the best
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.