Restricted Shell for SSH Server

From wiki.linuxonlinehelp.eu
Revision as of 15:37, 23 May 2017 by Author (talk | contribs)
Jump to navigation Jump to search

If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! This does not work with installed tmux or screen, cause Users can break out of rbash!

  • Login as root User on the Server
  • install rbash with:
apt-get install rbash
  • rename bash by:
mv /bin/bash /bin/oldbash
chmod o= /bin/oldbash
  • create a symlink for rbash to bash
$ln -s /bin/bash /bin/rbash

3. enable rbash by system setting /etc/shells 

$echo '/bin/rbash' >> /etc/shells

4. set user shell to /bin/rbash 

$chsh   #set user shell to /bin/rbash

5. Disable "chsh" command for users 

$chmod o= /bin/chsh

6. Login as user and test linux commands.. 7. Purge tmux and screen Multiplexer!

Retrieved from "https://wiki.linuxonlinehelp.eu//index.php?title=Restricted_Shell_for_SSH_Server&oldid=250"