[clug] Wanted: Developer to securely implement a restricted SSH shell

Nathan O'Sullivan nathan at mammoth.com.au
Mon Jan 4 16:34:05 MST 2010

On 05/01/10 09:53, Steve Walsh wrote:
> Nathan O'Sullivan wrote:
>> I've posted the requirements off list, but to summarise: I need a way 
>> to let customers access their Xen domU console ("xm console $DOMAIN") 
>> over SSH, while doing our utmost to prevent the customer from doing 
>> anything else on the dom0.
> Hating to take money away from list members, but would xen shell do 
> what you want?
> http://www.xen-tools.org/software/xen-shell/

It actually does more than I want. I used it as one reference to see how 
it hangs together and is a rough basis for my implementation by using a 
custom shell.

It doesnt really do anything in terms of trying to protect itself except 
setting PATH, so I'm not sure how widespread its usage is. The bulk of 
the script is Perl though and not bash, which could be a good idea to 
avoid unknown features.

More information about the linux mailing list