restricting rsync over ssh on the server side.
rlb at defaultvalue.org
Sun Jan 5 17:31:01 EST 2003
I was wondering if it's possible to restrict rsync in various ways on
the server side when it is invoked via ssh. Two restrictions I had in
mind are disallowing deletes and/or restricting all actions to a
particular subdirectory. I was hoping to be able to do this without
having to be root (for a chroot) or having to set up special sshd
If there's not already a way to do this, one possibility I had thought
of is a ssh key command= wrapper, so that you could generate an ssh
key like this:
command="rsync-ssh-wrapper --root=/home/foo/bar --disable-delete",...
and then when invoked rsync-ssh-wrapper would then look at
SSH_ORIGINAL_COMMAND to see the actual incoming request (presuming
there were any relevant options there; are rsync --server invocations
documented anywhere?), and combine that with the wrapper options to
decide how to invoke rsync --server. Of course this approach presumes
that rsync --server would support suitable arguments.
Is there interest in such a facility? It seems like something similar
might be useful for sftp and scp as well, but I haven't managed to
think of a way to implement a common solution. Also, I could imagine
that this solution for rsync might be somewhat difficult to implement
(perhaps complicated by symlinks, etc.), but it's the best thing I've
thought of so far.
rlb @defaultvalue.org, @linuxdevel.com, and @debian.org
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
More information about the rsync