[FreeNX-kNX] preventing data transfers over SSH, yet still allow NX sessions.
Mark Christian
MCHRISTI at altera.com
Fri Feb 1 17:41:20 UTC 2013
I was wondering if it is possible to configure sshd_config, possibly using the ForceCommand keyword, to prevent arbitrary command execution/data transfers on the same host which is providing the NX sessions. For example I can configure sshd_config with:
ForceCommand /bin/bash
..which subsequently prevents, scp, rsync over ssh, and even something like "ssh remoteHost 'cat /etc/passwd'", but still allows interactive ssh sessions with a bash shell.
Does anyone have any ideas on how I can provide NX sessions to a remoteHost, yet prevent any data transfers to/from that sameHost over ssh? Using the example above can I ForceCommand the NX tunneling bits, and if so what are they? Or can NX be configured not to use ssh?
Thank you for your time.
Mark Christian
Confidentiality Notice.
This message may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution, or copying of this message, or any attachments, is strictly prohibited. If you have received this message in error, please advise the sender by reply e-mail, and delete the message and any attachments. Thank you.
More information about the FreeNX-kNX
mailing list