Skip to content

Commit

Permalink
User bob in example with limited PermitOpen
Browse files Browse the repository at this point in the history
  • Loading branch information
@dmotte
dmotte committed Dec 8, 2023
1 parent 3133c9c commit 23eb68c
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions example/build/setup/main.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,3 +259,24 @@ install -d -oalice -galice -m700 ~alice/.ssh
appownmod ~alice/.ssh/authorized_keys alice:alice 600 << 'EOF'
(put-public-ssh-key-here)
EOF

################################# USER: bob ##################################

useradd -Ums/bin/bash bob

cat << 'EOF' > /etc/ssh/sshd_config.d/bob.conf
Match User bob
AllowAgentForwarding no
AllowTcpForwarding local
GatewayPorts no
X11Forwarding no
PermitTunnel no
PermitListen none
PermitOpen 127.0.0.1:8001 127.0.0.1:8002
PermitTTY no
ForceCommand echo "This account can only be used for port forwarding"
EOF
install -d -obob -gbob -m700 ~bob/.ssh
appownmod ~bob/.ssh/authorized_keys bob:bob 600 << 'EOF'
(put-public-ssh-key-here)
EOF

0 comments on commit 23eb68c

Please sign in to comment.