1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
Source: restricted-ssh-commands
Section: net
Priority: optional
Maintainer: Benjamin Drung <bdrung@debian.org>
Build-Depends: debhelper (>= 9),
shunit2 (>= 2.1.6)
Standards-Version: 4.1.1
Homepage: https://github.com/bdrung/restricted-ssh-commands
Package: restricted-ssh-commands
Architecture: all
Depends: ${misc:Depends}
Description: Restrict SSH users to a predefined set of commands
restricted-ssh-commands is intended to be called by SSH to restrict a
user to only run specific commands. A list of allowed regular
expressions can be configured in /etc/restricted-ssh-commands/. The
requested command has to match at least one regular expression.
Otherwise it will be rejected.
.
restricted-ssh-commands is useful to grant restricted access via SSH to
do certain task. For example, it could allow a user to upload a Debian
packages via scp and run reprepro processincoming.
.
Create a configuration file in /etc/restricted-ssh-commands/ and add
following line to ~/.ssh/authorized_keys to use it
.
command="/usr/lib/restricted-ssh-commands",no-port-forwarding,
no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [...]
|
