Limit SSH User to a shell command


Problem description

My question is

How can I allow a user to ssh to my server, limited to a shell command and a directory?

My situation

I'm using git to deploy code to my server. I have 2 servers: the 1st one is the product server, the 2nd one is a git server.

My team uses the git server to pull/push code.

On my product server, I set up a git client. Whenever I want to publish a version, I push it to my git server (master or other branches ...), then I ssh into my product server to pull the code.

I want to share the code pulling privilege with my teammates, but don't want to allow them to run any command but git, and want to limit them to one directory only.

The owner of the directory that I want to limit them to is apache:apache, so it would be very good if the ssh user ran with apache privileges.

Thank you,

Solved: I've used lshell with a limited set of commands.

Solution

A simple way to disable the shell for a git user is to replace /usr/bin/bash with /usr/bin/git-shell. Replace it in the /etc/passwd file or use the command:

usermod -s /usr/bin/git-shell [username]

Check this document from the official Git website: Setting Up the Server. Additional info: if you want to have a shell on it but limit it to a directory, use rbash. Same as git-shell, just replace the user shell with it.
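
A check to run after the usermod step above (an added example, not part of the original answer): it reads the login shell from a passwd-format file and reports whether each account has one of the restricted shells named on this page (git-shell, rbash, lshell). The function names, the sample accounts and the basename matching are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify that deploy accounts have a restricted login shell.
# Shells named on this page; matching on the basename is an assumption.
RESTRICTED_SHELLS="git-shell rbash lshell"

# Constructed sample in passwd(5) format (hypothetical accounts).
sample_passwd() {
    cat <<'EOF'
deploy1:x:1001:1001::/home/deploy1:/usr/bin/git-shell
deploy2:x:1002:1002::/home/deploy2:/bin/bash
deploy3:x:1003:1003::/home/deploy3:/bin/rbash
deploy4:x:1004:1004::/home/deploy4:
EOF
}

# login_shell_of USER [FILE]: print field 7 of USER's entry; fail if absent.
login_shell_of() {
    awk -F: -v u="$1" '$1 == u { print $7; found = 1; exit }
        END { if (!found) exit 1 }' "${2:-/etc/passwd}"
}

# is_restricted USER [FILE]: 0 = restricted shell, 1 = full shell, 2 = no such user.
is_restricted() {
    shell=$(login_shell_of "$1" "${2:-}") || return 2
    # An empty shell field means the system default (/bin/sh), a full shell.
    [ -n "$shell" ] || return 1
    for s in $RESTRICTED_SHELLS; do
        [ "${shell##*/}" = "$s" ] && return 0
    done
    return 1
}

# audit_users FILE USER...: one line per user; returns 1 if any is not restricted.
audit_users() {
    file=$1; shift; rc=0
    for u in "$@"; do
        st=0; is_restricted "$u" "$file" || st=$?
        case $st in
            0) printf 'OK %s %s\n' "$u" "$(login_shell_of "$u" "$file")" ;;
            1) printf 'FULL %s %s\n' "$u" "$(login_shell_of "$u" "$file")"; rc=1 ;;
            *) printf 'MISSING %s\n' "$u"; rc=1 ;;
        esac
    done
    return $rc
}
# Usage on a live host: audit_users /etc/passwd alice bob
```

The non-zero return from audit_users makes it usable as a gate in a provisioning script, so an account left on a full shell is caught before its SSH key is handed out.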
