EnglishFrenchSpanish

OnWorks favicon

restricted-ssh-commands - Online in the Cloud

Run restricted-ssh-commands in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command restricted-ssh-commands that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


restricted-ssh-commands - Restrict SSH users to a predefined set of commands

SYNOPSIS


/usr/lib/restricted-ssh-commands [config]

DESCRIPTION


restricted-ssh-commands is intended to be called by SSH to restrict a user to only run
specific commands. A list of allowed regular expressions can be configured in
/etc/restricted-ssh-commands/. The requested command has to match at least one regular
expression. Otherwise it will be rejected.

restricted-ssh-commands is useful to grant restricted access via SSH to do only certain
task. For example, it could allow a user to upload a Debian packages via scp and run
reprepro processincoming.

The optional config parameter is the name of the configuration inside
/etc/restricted-ssh-commands/ that should be used. If config is omitted, the user name
will be used.

USAGE


Create a configuration file in /etc/restricted-ssh-commands/$config and add following line
to ~/.ssh/authorized_keys to use it

command="/usr/lib/restricted-ssh-commands",no-port-forwarding,\
no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [...]

EXIT STATUS


restricted-ssh-commands will exit with the exit status from the called command if the
command is allowed and therefore executed. If the command is rejected, restricted-ssh-
commands will exit with one of the following exit codes.

124 A configuration file was found and contains at least one regular expression, but
the requested command does not match any of those regular expressions.

125 The configuration file is missing or does not contain any regular expressions.
Thus all commands are rejected.

EXAMPLES


Imagine you have a Debian package repository on a host using reprepro and you want to
allow package upload to it. Assuming the user is reprepro and the package configuration is
stored in /srv/reprepro, you would create the configuration file
/etc/restricted-ssh-commands/reprepro containing these three regular expressions:

^scp -p( -d)? -t( --)? /srv/reprepro/incoming(/[^ /]*)?$
^chmod 0644 /srv/reprepro/incoming/[^ /]*$
^reprepro ( -V)? -b /srv/reprepro processincoming foobar$

Use restricted-ssh-commands online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

  • 1
    MSYS2
    MSYS2
    MSYS2 is a collection of tools and
    libraries providing you with an
    easy-to-use environment for building,
    installing and running native Windows
    software. It con...
    Download MSYS2
  • 2
    libjpeg-turbo
    libjpeg-turbo
    libjpeg-turbo is a JPEG image codec
    that uses SIMD instructions (MMX, SSE2,
    NEON, AltiVec) to accelerate baseline
    JPEG compression and decompression on
    x86, x8...
    Download libjpeg-turbo
  • 3
    Xtreme Download Manager
    Xtreme Download Manager
    The project has a new home now:
    https://xtremedownloadmanager.com/ For
    developers:
    https://github.com/subhra74/xdm Xtreme
    Download Manager is a powerful tool t...
    Download Xtreme Download Manager
  • 4
    TTGO VGA32 Lite
    TTGO VGA32 Lite
    Features:4:3 and 16:9 low resolution
    VGA outputPS/2 keyboard and mouse
    inputText-based user interface (TUI)
    with dialog managerPartial Unicode
    supportSlave dis...
    Download TTGO VGA32 Lite
  • 5
    Clover EFI bootloader
    Clover EFI bootloader
    Project has moved to
    https://github.com/CloverHackyColor/CloverBootloader..
    Features:Boot macOS, Windows, and Linux
    in UEFI or legacy mode on Mac or PC with
    UE...
    Download Clover EFI bootloader
  • 6
    unitedrpms
    unitedrpms
    Join us in Gitter!
    https://gitter.im/unitedrpms-people/Lobby
    Enable the URPMS repository in your
    system -
    https://github.com/UnitedRPMs/unitedrpms.github.io/bl...
    Download unitedrpms
  • More »

Linux commands

Ad