Difference between revisions of "Restricted Shell for SSH Server"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! | If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands! | ||
| + | |||
This does not work with installed tmux or screen, cause Users can break out of rbash! | This does not work with installed tmux or screen, cause Users can break out of rbash! | ||
Revision as of 15:38, 23 May 2017
If you use SSH Logins you can lock down the Console to a restriced shell with less enabled commands!
This does not work with installed tmux or screen, cause Users can break out of rbash!
- Login as root User on the Server
- install rbash with:
apt-get install rbash
- rename bash by:
mv /bin/bash /bin/oldbash chmod o= /bin/oldbash
- create a symlink for rbash to bash
$ln -s /bin/bash /bin/rbash
- enable rbash by system setting /etc/shells
$echo '/bin/rbash' >> /etc/shells
- set user shell to /bin/rbash
$chsh #set user shell to /bin/rbash
- Disable "chsh" command for users
$chmod o= /bin/chsh
- Login as user and test linux commands..
- Purge tmux and screen Multiplexer if installed!