Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > rssh configuration > Installing and configuring rssh to allow only scp and sftp

Installing and configuring rssh

We can use yum on CentOS to install rssh. After installing edit file '/etc/rssh.conf' and uncomment below lines

allowscp
allowsftp

After this use commmand 'usermod -s /usr/bin/rssh <username>' to set default shell for user as rssh. This would force user to use only sftp and scp commands. SSH shell access for user would get completely disabled. 'gftp', 'winscp' and 'ssh secure file transfer client' have been tested with this setup and they all work fine.

After this even using command 'su - <username&gtt;' for restricted users will stop working.

Mounting sftp filesystems

One can always use fuse-sshfs to mount filesystems/folders restricted by rssh on local machine so that user dont have to worry about synchronizing files between server and local machine. One can install 'fuse-sshfs' package on CentOS and then use below command syntax to mount sshfs filesystems

sshfs <user>@<server:[<path>] <mount_point>

Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > rssh configuration > Installing and configuring rssh to allow only scp and sftp