Linux – Restrict SSH commands for a group of users

linuxsshuser-management

I'm trying to set up an environment where a number of users in a certain group can SSH into a server and then execute a set of predefined commands on it, using either a key exchange or a password.
So far I've been told to look into the authorized_keys "commands" section, but as far as I can tell this is only useful for non-human users.

Is there a way to either blacklist or whitelist a number of commands for a certain user group?

For example, users in group X should be able to ls, /etc/init.d, rm, but nothing else.

Best Answer

You will need to create a restricted command shell in the script language of your choice, then set up sshd to force usage of this restricted shell for the group you specify.

Example 8-1 and other following parts of O'Reilly's SSH, The Secure Shell Chapter 8 show ways to do the former.

For the latter, see the Match directive description in sshd_config(5).

As an example, you could add the following to /etc/ssh/sshd_config:

Match Group X
ForceCommand /path/to/your/restricted_shell

Related Solutions

Ssh – OpenSSH on Windows – enabling key-based authentication

It's a little late for an answer perhaps, but just in case someone else comes accross this question I would try the following.

Copy authorized_keys to authorized_keys2.
Run ssh-user-config to make sure permissions and such are correct.
Start sshd with the -d, -dd and -ddd parameters for it not to fork and print debug information in the foreground while testing. This usually is more helpful than increasing debugging information (-vvv) on the client.

PostgreSQL – Default Superuser Username/Password After New Install

CAUTION The answer about changing the UNIX password for "postgres" through "$ sudo passwd postgres" is not preferred, and can even be DANGEROUS!

This is why: By default, the UNIX account "postgres" is locked, which means it cannot be logged in using a password. If you use "sudo passwd postgres", the account is immediately unlocked. Worse, if you set the password to something weak, like "postgres", then you are exposed to a great security danger. For example, there are a number of bots out there trying the username/password combo "postgres/postgres" to log into your UNIX system.

What you should do is follow Chris James's answer:

sudo -u postgres psql postgres

# \password postgres

Enter new password:

To explain it a little bit. There are usually two default ways to login to PostgreSQL server:

By running the "psql" command as a UNIX user (so-called IDENT/PEER authentication), e.g.: sudo -u postgres psql. Note that sudo -u does NOT unlock the UNIX user.
by TCP/IP connection using PostgreSQL's own managed username/password (so-called TCP authentication) (i.e., NOT the UNIX password).

So you never want to set the password for UNIX account "postgres". Leave it locked as it is by default.

Of course things can change if you configure it differently from the default setting. For example, one could sync the PostgreSQL password with UNIX password and only allow local logins. That would be beyond the scope of this question.

Best Answer

Related Solutions

Ssh – OpenSSH on Windows – enabling key-based authentication

PostgreSQL – Default Superuser Username/Password After New Install

Related Topic