[clug] Wanted: Developer to securely implement a restricted SSH shell
Nathan O'Sullivan
nathan at mammoth.com.au
Mon Jan 4 16:34:05 MST 2010
On 05/01/10 09:53, Steve Walsh wrote:
> Nathan O'Sullivan wrote:
>> I've posted the requirements off list, but to summarise: I need a way
>> to let customers access their Xen domU console ("xm console $DOMAIN")
>> over SSH, while doing our utmost to prevent the customer from doing
>> anything else on the dom0.
> Hating to take money away from list members, but would xen shell do
> what you want?
>
> http://www.xen-tools.org/software/xen-shell/
It actually does more than I want. I used it as one reference to see how
it hangs together and is a rough basis for my implementation by using a
custom shell.
It doesnt really do anything in terms of trying to protect itself except
setting PATH, so I'm not sure how widespread its usage is. The bulk of
the script is Perl though and not bash, which could be a good idea to
avoid unknown features.
More information about the linux
mailing list