分类: LINUX
2008-03-24 14:14:00
chinaunix网友2008-05-07 21:50:48
我有一个问题,SSH相当于给了用户一个shell,那么如果某些用户想看一些系统内部的东西,岂不是也可以了?如何设置,来限制用户只能运行厂家给定的那几个命令呢?
piaoxiang2008-04-16 15:52:58
dropbear也可以有xinetd来启动,不过我测试的时候,如果有xinetd来启动,则认证速度非常慢。反而是独立启动要好一些。xinetd启动的配置如下: service ssh { socket_type = stream user = root wait = no protocol = tcp port = 22 instances = 5 per_source = 4 server =/usr/sbin/dropbear server_args = -i disable = no log_on_success += DURATION USERID log_on_failure += USERID }
piaoxiang2008-04-16 15:50:09
Usage: dropbear [options] Options are: -b bannerfile Display the contents of bannerfile before user login (default: none) -d dsskeyfile Use dsskeyfile for the dss host key (default: /etc/dropbear/dropbear_dss_host_key) -r rsakeyfile Use rsakeyfile for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key) -F Don't fork into background -E Log to stderr rather than syslog -m Don't displa
