[darcs-users] Setting up a server

[Daniel Carrera]

Jamie Webb wrote:
> At least some people are finding this sort of thing not so simple:
> 
> http://www.snailbook.com/faq/restricted-scp.auto.html
> http://www.pizzashack.org/rssh/security.shtml

The first link seems to suggest that it's alright. It says:

<quote>
...the best you can do is to restrict the user to only running the 
file-transfer server.
The simplest way to do this is to make the target account 
special-purpose, by giving it a shell which only allows runing the 
file-transfer server. SSH always uses the shell to run remote programs, 
so this is a reliable restriction.
</quote>

It says that "this is a reliable restriction". Okay, it also says:

<quote>
If you don't want to limit the account this way, then it gets harder to 
do this reliably.
</quote>

But I *do* want to limit the account in this way, so there's no problem.

In our project we made a shell that allows three commands: scp, darcs, 
svn. We're still experimenting, so I can't say if this is what we'll use 
at the end. I think we'll need to replace svn by svnserve (haven't 
tested that yet). But you get the idea.

Cheers,
Daniel.
-- 
      /\/`) http://oooauthors.org
     /\/_/  http://opendocumentfellowship.org
    /\/_/
    \/_/    I am not over-weight, I am under-tall.
    /