Is there any way to configure a user on a Linux box (Centos 5.2 in this case) so that they can use scp to retrieve files, but can't actually login to the server using SSH?
SCP SSH – Allow SCP but Not Actual Login Using SSH
linuxscpssh
Related Topic
- Ssh – How to automate SSH login with password
- Disable SSH Password Login – How to Disable SSH Login with Password for Some Users
- Ssh login successful, but scp password gives me “Permission denied”
- Ssh – OpenSSH anything like ‘internal-sftp’ but for SCP
- Centos – How to maintain ssh connection for multiple scp transfers
Best Answer
DEPRECATED: Please note the following answer is out of date. rssh is no longer maintained and is no longer a secure method.
rssh shell (http://pizzashack.org/rssh/) is designed for precisely this purpose.
Since RHEL/CentOS 5.2 doesn't include a package for rssh, you might look here to obtain an RPM: http://dag.wieers.com/rpm/packages/rssh/
To use it just set it as a shell for a new user like this:
..or change the shell for an existing one like this:
..and edit
/etc/rssh.conf
to configure rssh shell - especially uncommentallowscp
line to enable SCP access for all rssh users.(You may also want to use chroot to keep the users contained in their homes but that's another story.)