This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: OpenSSH and cygwin: let a user only connect via sftp.


On Thu, Dec 05, 2002 at 12:45:28PM +0100, Schonder, Matthias wrote:
> >Setting a user's shell to /bin/false might (and I repeat, *might* - this is
> >speculation) work.
> 
> Nope, this does not work :( Been there, done that. But when sftp tries to
> login connection will be closed immediately.
> But thanks for you help.
> 
> >Max.
> 
> >PS: This isn't really Cygwin specific.
> 
> Well, I would say it is, because in FreeBSD and IRIX it works fine... so....

Well, if it works on FreeBSD and IRIX then do it the same way in Cygwin
as you did on FreeBSD and IRIX.  For instance, I tried setting the login
shell on a linux box to /bin/false and guess what?  The connection is
closed immediately.  So in that example Cygwin's ssh works exactly as on
other systems.

What you missed somehow is to explain *how* it works on FreeBSD and IRIX
so that we have a chance to look if (and perhaps why) it doesn't work on
Cygwin using the same technique which would make it sort of a Cygwin
specific question.

OTOH, I know how to restrict a user to sftp only and I know that the same
technique works on Cygwin as well as on e. g. Linux so from my current
knowledge of the situation there isn't something Cygwin specific here...


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]