nixCraft

ricc · #1 (**permalink**) 01-10-2006, 04:35 PM

I want to setup a gateway ssh server, using Linux, so that people can login to internal servers thru the gateway.

Only ssh will be allowed in the gateway box by and the user ( whichever I create and allow to login) can only use ssh and passwd command only.

I guess it needs to be done on a user to user basis or may be something in a global config wherein we specify the commands and just keep on adding the users allowed to ssh.

Pls help.

tom · #2 (**permalink**) 01-10-2006, 07:42 PM

Just add user and you are done

or may be i'm not getting what you are trying to say..

rockdalinux · #3 (**permalink**) 01-11-2006, 11:38 PM

You can setup list of users in sshd_config file

Code:

vi /etc/ssh/sshd_config

Code:

AllowUsers ricc rocky  rock

Restart sshd

ricc · #4 (**permalink**) 01-12-2006, 04:11 PM

I understand Tom.

Normally we dont need to specify any user at all, I think. I believe all the users in /etc/passwd can login and use the system as they do when sitting infront of the system.

What I want is, not to give all users all the permissions. Any user that I give permission to login can only be able to do ssh & just passwd ( only these two command

.

I said before, they will just login into the gateway to be able to ssh into the internal machines only and nothing more than that. How do I restrict the users to any particular command and or any particular set of commands.

I know a server that one of my friends has, which allows only this. ssh command for loging in from the gateway to the internal servers and passwd for changing the password of the user from time to time.

In this server it also displays a login message whenever a user logs in into the gateway, saying we can only use xxx,xxx & xxx commands and our IP address is logged.

Thanks for your replies rocky & tom, I hope this time I am clear.

ricc[/quote]