[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Limiting ssh usage on remote machine.

Well, on the remote machine, I can log in easily enough with
a passwordless key.

rdist (which handles things like "copy new files over with integrity"
and "run commands perhaps using said new files") goes to the remote
machine and runs (I believe "/bin/sh rdistd").  So I'm (re)learning
rdist a bit.  I'd like to restrict REMOTE to running /usr/local/sbin/rdistd
but haven't worked that out yet.  Letting is use a restricted shell
(rsh, not remote shell) is a step towards what I need.

File integrity isn't an issue with rdist (I believe).  The command
run afterwards is "make" so the Makefile takes care of moving handled
data into place.  And I can use a limited "sudo myscript" to do deal
with ownership and final locations.