On Monday, 2004-06-14 at 12:38:58 +0100, Bruce M Simpson wrote: > On Wed, Jun 09, 2004 at 07:52:23AM -0700, Crist J. Clark wrote: > > To do scp-only, you either need (a) a hacked up sshd(8) daemon, (b) a > > jailed environment, or (c) a special shell for the user that only allows > > scp(1) to run. The funny thing is, I think (c) is probably the easiest > > to implement on a mass scale, but seems to be the option most seldom > > considered. > ports/shells/scponly That's a liiiitttle short. ;-) scponly covers both (b) as scponlyc and (c). It works with scp, sftp, WinSCP, gftp and (IIRC) rsync. Great tool. Lupe Christoph -- | lupe@lupe-christoph.de | http://www.lupe-christoph.de/ | | "... putting a mail server on the Internet without filtering is like | | covering yourself with barbecue sauce and breaking into the Charity | | Home for Badgers with Rabies. Michael Lucas | _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"