SCP only user? (untrusted user, my mother) - SSH

This is a discussion on SCP only user? (untrusted user, my mother) - SSH ; I let my mom use scp to copy digital pictures to her account on my server. Then I build a nice HTML index of pictures and thumnbnails from cron. Here's the problem: I am very concerned that her password would ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: SCP only user? (untrusted user, my mother)

  1. SCP only user? (untrusted user, my mother)

    I let my mom use scp to copy digital pictures to her account on my
    server. Then I build a nice HTML index of pictures and thumnbnails
    from cron.

    Here's the problem: I am very concerned that her password would become
    compromised. She uses an operating system called "Microsoft Windows
    ME" and frequently gets infected by viruses.

    So, I would like to severely limit her account privileges so that
    hackers who steal her SSH passwords cannot crack my server. I want to
    allow her to upload pictures, under her public_html, but no more (ie
    no shell use, etc).

    What is the "right" approach here?

    thanks

    i

  2. Re: SCP only user? (untrusted user, my mother)

    Ignoramus18364 writes:

    > I let my mom use scp to copy digital pictures to her account on my
    > server. Then I build a nice HTML index of pictures and thumnbnails
    > from cron.
    >
    > Here's the problem: I am very concerned that her password would become
    > compromised. She uses an operating system called "Microsoft Windows
    > ME" and frequently gets infected by viruses.
    >
    > So, I would like to severely limit her account privileges so that
    > hackers who steal her SSH passwords cannot crack my server. I want to
    > allow her to upload pictures, under her public_html, but no more (ie
    > no shell use, etc).
    >
    > What is the "right" approach here?


    http://www.snailbook.com/faq/restricted-scp.auto.html



    --
    Todd H.
    http://www.toddh.net/

  3. Re: SCP only user? (untrusted user, my mother)

    Ignoramus18364 wrote:

    > I let my mom use scp to copy digital pictures to her account on my
    > server. Then I build a nice HTML index of pictures and thumnbnails
    > from cron.
    >
    > Here's the problem: I am very concerned that her password would become
    > compromised. She uses an operating system called "Microsoft Windows
    > ME" and frequently gets infected by viruses.
    >
    > So, I would like to severely limit her account privileges so that
    > hackers who steal her SSH passwords cannot crack my server. I want to
    > allow her to upload pictures, under her public_html, but no more (ie
    > no shell use, etc).
    >
    > What is the "right" approach here?


    google scp_only











  4. Re: SCP only user? (untrusted user, my mother)

    On 17 Aug, 00:29, Anonymous wrote:
    > Ignoramus18364 wrote:
    > > I let my mom use scp to copy digital pictures to her account on my
    > > server. Then I build a nice HTML index of pictures and thumnbnails
    > > from cron.

    >
    > > Here's the problem: I am very concerned that her password would become
    > > compromised. She uses an operating system called "Microsoft Windows
    > > ME" and frequently gets infected by viruses.

    >
    > > So, I would like to severely limit her account privileges so that
    > > hackers who steal her SSH passwords cannot crack my server. I want to
    > > allow her to upload pictures, under her public_html, but no more (ie
    > > no shell use, etc).

    >
    > > What is the "right" approach here?

    >
    > google scp_only


    Google "WebDAV over HTTPS." You don't want SCP for this.


+ Reply to Thread