Linked by Thom Holwerda on Wed 27th Sep 2006 13:49 UTC, submitted by falko
Privacy, Security, Encryption "The goal of this howto is building a NFS server that works on an SSH tunnel. This way all traffic between your hosts and the file server is encrypted and thus more secure. Normally you should enter a password every time you try to establish a SSH connection but since we could be mounting at bootup we will use ssh-keygen to create a keypair so we can login without entering a password. We will, however, limit that login session to executing just 1 command."
Thread beginning with comment 166364
To read all comments associated with this story, please click here.
ssh/user account
by anonymous-bert on Thu 28th Sep 2006 13:40 UTC
anonymous-bert
Member since:
2006-02-16

Probably a better solution is to set the shared user account shell to /bin/false, then construct the tunnel with the ssh -N option (which will put the ssh session in tunnel only mode, thereby not calling to shell, which will, as desired, fail with /bin/false as the shell).

This way the shared account is more controlled beyond just ssh sessions.

Bert

Reply Score: 1