Difference between revisions of "Restricted Shell for SSH Server"
Jump to navigation
Jump to search
(Created page with "If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! * Login as root User on the Server * install rbash with: <pre> apt-get in...") |
|||
| Line 1: | Line 1: | ||
If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! | If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! | ||
| + | This does not work with installed tmux or screen, cause Users can break out of rbash! | ||
* Login as root User on the Server | * Login as root User on the Server | ||
| Line 28: | Line 29: | ||
</pre> | </pre> | ||
6. Login as user and test linux commands.. | 6. Login as user and test linux commands.. | ||
| + | 7. Purge tmux and screen Multiplexer! | ||
Revision as of 15:37, 23 May 2017
If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! This does not work with installed tmux or screen, cause Users can break out of rbash!
- Login as root User on the Server
- install rbash with:
apt-get install rbash
- rename bash by:
mv /bin/bash /bin/oldbash chmod o= /bin/oldbash
- create a symlink for rbash to bash
$ln -s /bin/bash /bin/rbash
3. enable rbash by system setting /etc/shells
$echo '/bin/rbash' >> /etc/shells
4. set user shell to /bin/rbash
$chsh #set user shell to /bin/rbash
5. Disable "chsh" command for users
$chmod o= /bin/chsh
6. Login as user and test linux commands.. 7. Purge tmux and screen Multiplexer!