organzing for portfolio
This commit is contained in:
@ -0,0 +1 @@
|
||||
command="/home/user/restricted-handler.sh",from="ALLOWED_HOST_FQDN",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty PUBLICKEY
|
@ -0,0 +1,23 @@
|
||||
#!/bin/bash
|
||||
|
||||
set $SSH_ORIGINAL_COMMAND
|
||||
|
||||
case "$1" in
|
||||
ls)
|
||||
;;
|
||||
scp)
|
||||
;;
|
||||
/bin/scp)
|
||||
;;
|
||||
rm)
|
||||
;;
|
||||
/path/to/custom/command)
|
||||
;;
|
||||
*)
|
||||
logger -s -t restricted-command -- "Invalid command $@"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
logger -t restricted-command -- "Executing $@"
|
||||
exec "$@"
|
@ -0,0 +1 @@
|
||||
command="/home/slack-lab/bin/restricted-handler.sh" SSHPUBKEY
|
@ -0,0 +1,16 @@
|
||||
#!/bin/bash
|
||||
|
||||
set $SSH_ORIGINAL_COMMAND
|
||||
|
||||
case "$1" in
|
||||
rsync)
|
||||
;;
|
||||
*)
|
||||
logger -s -t restricted-command -- "Invalid command $@"
|
||||
echo "An attempt was made to utilize the private key on a KNEL managed server to access control and execute the following command: $@" | mail -s "SECURITY BREACH ON control for slack account: $USER" BREACHPAGEEMAIL
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exec "$@"
|
||||
|
Reference in New Issue
Block a user