On Fri, Jun 04, 2004 at 11:27:59PM +0000, Diego Iastrubni wrote: > Hi all, > > I have a problem I think some people here will be able to help me with. > > I want some users to be able to upload files to some site.The solution used > right now, is getting the private ssh keys from the users, and letting the > users to use "scp" to copy files to the remote server. > > However, I discovered that I can use "ssh [EMAIL PROTECTED] sh" to get a basic > shell on the box, and delete files on that dir (or others).
You could probably use the 'command="..."' syntax before the relevant key in authorized_keys to limit the user to executing a server-side scp command. This page deals with it http://www.snailbook.com/faq/restricted-scp.auto.html (but your syntax will be different if you use OpenSSH) To read about the syntax for OpenSSH, see the "AUTHORIZED_KEYS FILE FORMAT" section in the sshd manpage. As you can see, however, since the command scp executes on the server is not constant, this will be a flaky solution. > I would like to know what other solutions can you recommend me. I like the "upload thru web form" solution which Sagi provided. ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
