[clug] Wanted: Developer to securely implement a restricted SSH shell

Steve Walsh steve at nerdvana.org.au
Mon Jan 4 16:41:09 MST 2010

Nathan O'Sullivan wrote:
> It actually does more than I want. I used it as one reference to see 
> how it hangs together and is a rough basis for my implementation by 
> using a custom shell.
> It doesnt really do anything in terms of trying to protect itself 
> except setting PATH, so I'm not sure how widespread its usage is. The 
> bulk of the script is Perl though and not bash, which could be a good 
> idea to avoid unknown features.
I get asked a fair bit about it in the ##xen channel on freenode, and I 
know of a few Australian VPS providers who are using it, including some 
who have gotten quite deep into the code base and extended it's functions.

As much as I hate "how to forge", they have some info on setting it up 
at http://www.howtoforge.com/xen_tools_xen_shell_argo_p2 if other people 
on list are interested.


Steve Walsh
Vice President / SysAdmin Team member- Linux Australia
Networks and Technology - Linux.conf.au 2008
Evil Network bunny - Linux.conf.au 2009
Geek Emeritus (you fool! You glorious fool!) - Linux.conf.au 2010
I can neither confirm nor deny - Linux.conf.au 2011

More information about the linux mailing list