Lists wrote:
On 09/23/2013 02:44 PM, m.roth@5-cent.us wrote:
Lists wrote:
On 09/23/2013 01:50 PM, Les Mikesell wrote:
Is there something that convinces you that sudo is better at handling the command restriction than sshd would be?
In the context of a production server, the idea is to remove any ability from another host (EG: backup server) to run local arbitrary
code or
change local files. (read-only)
<snip> > You can disable the password on the backup account to achieve a similar > effect using an SSHD option. If there's a better/simpler way to do this > via SSHD option I'd love to hear about it! > Sure. You disable password authentication, and allow keys only, in /etc/ssh/sshd_config.
This prohibits SSH logins via password, but does not strictly enforce what commands are allowed to be run (and all options allowed) by a specific which is what I was looking for.
Having done a bit more research, It does appear that you could use the "ForceCommand" option and disable passwords altogether for a user to achieve a similar effect with SSHD.
Right, but a) it very much limits who can get in. Another thing is that you can run the backups from a cron job as a push, instead of a pull.
And the other user still leaves the issue of ownership - only root can copy a user's home directory, or a project directory owned by that project, and keep it all the same.
And don't forget to save selinux contexts....
mark