socks proxy

Linux user account with ssh-only permissions

Sharing is caring!

SSH (among other things) is a secure way of proxy-ing your traffic, web browsing or accessing a  service remotely  which is blocked by a firewall. In case we want someone else to have that access or securely proxying his traffic etc etc,  we need to provide a user account with ssh-only access to our ssh server… Well, the solution described below is not best practice but it’s secure and fast to implement.

  1. Create a user, set the home folder, set preferred shell (rbash or nologin if you want your user use keys and not password).
  2. Give it a password
  3. Append at the end of the .profile file an empty variable PATH, so even if the user log in he can’t do anything else than… just log in!
  4. Remove write permissions from home directory.
  5. Remove write permissions form .bash_logout, .profile and .bashrc

Series Navigation<< SSH as SOCKs 5 proxy

Comment:

This site uses Akismet to reduce spam. Learn how your comment data is processed.