Scponly with chroot setup but user can STILL forward ports... [SOLVED]

I'm using scponly and have chrooted a user to his home directory.  I noticed however that I can ssh into the box enabling port forwarding which is a dangerous security breach in my opinion.  I'd like to have the ability keep port forwarding for other users, but for the scponly user, I'd like to disallow ssh port forwarding.  Anyone know how?
$ ssh nightshade -P 8081
username@nightshade's password:
Welcome to nightshade
Last edited by graysky (2009-09-25 19:08:26)

Turns out this can be accomplished by the addition of two new lines to the sshd_config:
Match user USERNAME
AllowTcpForwarding no

Similar Messages

  • Ending a session but user can still log in...

    I've created a series of jsp pages, and put headers in them to prevent caching of output. I have a bean to store the user info and the bean is stored in the session.
    Fbean u = (Fbean) session.getAttribute("beanname");
    When the user logs out, I have:
    session.removeAttribute("beanname");
    So it works fine at first. The user hits the BACK button and he's taken to a login page. If he presses the BACK button again he's taken to a page where the "PAGE EXPIRED ...hit refresh..." The problem is when I hit the refresh button I'm logged in again as if I didn't even log out.
    Can anyone help solve this issue?
    I appreciate it,
    Thanks,
    Lior

    "PAGE EXPIRED ...hit refresh..." The problem is when I
    hit the refresh button I'm logged in again as if I
    didn't even log out.Maybe the problem is in that page what you press refesh on. Are you checking the session to see if the user is a valid logged in user? This is just a guess
    So when user logs in it sets a session attribute (let's say his/her username). So on the page where you are refreshing, the first thing you should do is
    String loginUsername = (String)session.getAttribute("username");
    if (loginUsername.length == 0)
    // send user to log out page.
    // continue rest of page here

  • Hey,i forgot my login password,so i changed the password by using terminal command(reset password).now i have new user name with new password,but i can't find  my data which i have saved on mac.please help me out in this matter.

    hey,i forgot my login password,so i changed the password by using terminal command(reset password).now i have new user name with new password,
    but i can't find  my data which i have saved on mac.the storage is showing data used and free space on the disk
    please help me out in this matter.

    How did you change your user name?
    resetpassword wouldn't have done it. If you managed to create a new user, then your data is still in the old account.

  • Can anybody help me setting up my new IPad  I getting Germany language on my app store application.?.... I change the language option un the setup but it's still in German.

    Can anybody help me setting up my new IPad  I getting Germany language on my app store application.?.... I change the language option on the setup but it's still in German.

    Are you in Germany when connecting to the App store?  How long has it been doing this?

  • HT1578 I have created an encrypted disc to prevent others from seeing certain videos but they can still be opened with Garageband. What can I do to?

    I have created an encrypted disc to prevent others from seeing certain videos but they can still be opened with Garageband. What can I do to?

    Hi BGreg,
    The disc WAS injected when I first discovered that. It doesn't sto garageband (maybe other apps too) from reading & opening the files.

  • Lync 2013 disabled user can still login.

    Ok. so we have this weird behavior and it's been driving us crazy for over a week. We have a lync 2013 deployment on a forest with several child domains.<o:p></o:p>
    In the middle of the deployment, we noticed that our changes to the user characteristics were not being updated. Eg: we enable or disable
    enterprise voice, no changes. We change the sip URI, log out, login, nothing, no changes. And we noticed that if we disable the user from Lync server (from the lync controlpanel), the user can still login. We assumed some lag on AD replication, but no, a user
    can still login after a week!<o:p></o:p>
    The deployment is a standard Lync 2013, single FE, with a single Edge server. We have enabled Enterprise voice, changes to the enterprise voice routes are
    working, if we enable or disable a route we can see it on the client, but changes on the dialplan are not reflected.<o:p></o:p>
    I can’t find any reference to this behavior. I know if I disable a user from the AD he can still signing into Lync, but this is different, we are disabling
    the user from Lync server. We even removed the user completely from Lync and he can still use it as normal.<o:p></o:p>
    We checked the user using adsiedit and the msrtcsip-userenabled is set to false, we even voided the certificate via lync console. Still able to use it.
    Suggestions?
    Thanks in advance.
    Fabio Ricci.

    Hi,
    Please check if there is any error message on FE Server when the issue happen.
    It seems to be the issue of CMS replication.
    Please check CMS replication status by running Get-CsManagementStoreReplicationStatus.
    If CMS replication not update to the latest version, run Invoke-CsManagementStoreReplication.
    If the issue persists, please check Lync Server update, make sure Lync Server update to the latest version, and then test again.
    Best Regards,
    Eason Huang
    Eason Huang
    TechNet Community Support

  • TS1369 itunes no longer sees my devices. But I can still see them in windows. Please help

    itunes no longer sees my devices. But I can still see them in windows. Please help

    Try
    iOS: Device not recognized in iTunes for Windows
    I would start with               
    Removing and Reinstalling iTunes, QuickTime, and other software components for Windows XP
    or               
    Removing and reinstalling iTunes and other software components for Windows Vista, Windows 7, or Windows 8
    New cable and different USB port?
    Runs this and see if the results help with determine the cause
    iTunes for Windows: Device Sync Tests
    Try on another computer to help determine if computer or iPod problem

  • Alright, so my ipod touch stopped working, but I can still connect it to itunes, but my friend gave me his old nano. I was wondering how I could get my more updated songs from my ipod touch onto the shuffle. My laptop crashed whish had all my new music

    Alright, so my ipod touch stopped working, but I can still connect it to itunes, but my friend gave me his old nano. I was wondering how I could get my more updated songs from my ipod touch onto th nano. My laptop crashed whitch had all my new music, and im afraid if I sync my Ipod touch to the desktop with all my old songs, ill lose all my newer ones which I dont want to happen because I want them on my nano. Im sorry for the confusing topic im just so lost.

    All you have to do is connect your new iPod to the computer that has the library for your old iPod.
    When iTunes comes up, click on your new iPod under Devices.
    At the top of the Summary Page click Music.
    Click Synch Music.
    Do the same thing for Photos, Apps, Movies and so on...
    Now just synch the iPod.

  • I'm trying to extend my wifi network with time capsule but it can't find the existing wifi network

    I'm trying to extend my wifi network with time capsule but it can't find the existing BT wifi network even though it is there with a good signal strength. The Time Capsule is connected to a Netgear router via ethernet.

    You will need to start over on the setup of the Time Capsule as follows:
    Disconnect any Ethernet cables that might be connected to the Time Capsule, but leave it powered on
    Hold in the reset button on the back of the Time Capsule for 8-10 seconds and release. The reset button is located next to the AC power socket.
    Allow a full minute for the Time Capsule to restart to a slow, blinking amber light
    Connect the Ethernet cable from a LAN <--> port on the Netgear to the WAN "O" port on the Time Capsule.  The Ethernet cable must remain connected at all times.
    Click the WiFi icon at the top of the Mac's screen
    Look for a setting of New AirPort Base Station
    Click on Time Capsule
    The example below shows an AirPort Express. You will see Time Capsule on your screen.
    That will get the setup wizard going. It will take a minute to analyze the settings, then display a screen that looks like this, except you will see a picture of the Time Capsule
    Network Name..........Type in the exact name that the Netgear wireless is using
    Base Station.............Type in a name that you want to call the Time Capsule.  Use something short and simple. Mine is TC, for example
    Password..................Type in the exact password that the Netgear wireless requires
    Verify.........................Verify the Password again
    Click Next
    The setup wizard will configure everything for you automatically.  When you see the message of Setup Complete, click Done.
    That's it.  Now you have one big "extended" network.  Technically, this is called a "roaming" network.

  • I need a VoIp app to use with firefox OS but I can't find any.

    I need a VoIp app to use with firefox OS but I can't find any.
    Is there any app like skype or VoIpBuster?

    Hello c.glez.az,
    Thank you for contacting Mozilla Support. We don't currently have a Voip app in our Marketplace, but keep checking. Our marketplace is still quite young and new apps are being released everyday.
    Thank you!
    Patrick

  • All of a sudden my IMessage wont let me send any messages but i can still receive them what should i do?

    My IMessage wont let me send any messages but i can still recive them how can i fix this?

    Because Apple's currently having trouble with the iMessage and FaceTime servers. Nothing can be done from your end.

  • I installed New version and now I cant see videos but I can still hear them.

    I installed New Version and Now I cant see videos but I can still hear them. I have Tried everything to fix the Problem. HELP PLEASE!!!!

    Hello
    I have a little bit different problem but its close to this.
    I have installed the .10 version and now i cant see any Video on youtube. And it does not play any sound. It not opens anything with flash player.
    I deinstalled and rebootet the player. I installed the new version again. 10 times....
    I also tried an old version. The 2 older versions. No change -.- its really annoying.
    can you see the Flash animation at http://www.adobe.com/software/flash/about/ ?
    i cant see that animation... but in the help is NOWHERE written what u should do if you cant see that....

  • I just upgraded itunes. And now I cannot see my iPads or iPod in the left margin of itunes? But I can still see them in my Windows Explorer?

    I just upgraded itunes. And now I cannot see my iPads or iPod in the left margin of itunes? But I can still see them in my Windows Explorer?

    Hey there MattSK123,
    Thank you for your question. It sounds like you are unable to see either of your devices in the sidebar of iTunes after a recent update. A number of issues could cause this type of behaviour, and would recommend starting with the troubleshooting from the article named:
    iOS: Device not recognized in iTunes for Windows
    http://support.apple.com/kb/ts1538
    If the issue is not resolved, I would next re install iTunes from either of the following articles depending on the version of Windows you have:
    Removing and reinstalling iTunes and other software components for Windows Vista, Windows 7, or Windows 8
    http://support.apple.com/kb/ht1923
    Or
    Removing and Reinstalling iTunes and other software components for Windows XP
    http://support.apple.com/kb/ht1925
    Thank you for using Apple Support Communities.
    Take care,
    Sterling

  • Lock "Print & Fax" Sys Preference user can still add printers, why?

    lock "Print & Fax" Sys Preference user can still add printers, why?

    I should add that, I click the lock icon and it shows locked, but the + sign to add a printer is not greyed out and still allows printer drivers to be installed.  It then allows the printer driver to be deleted.  I have tried quiting System Preferences and rebooting the system and still have the same results.
    Pat

  • Once in awhile my screen will freeze while I'm watching a video. Lately it's happening more often, I'm watching a video and it'll freeze BUT I can still hear the dialogue. Only solution I've found so far is to do a hard shut down. HELP!!

    Once in awhile my screen will freeze while I'm watching a video. Lately it's happening more often, I'm watching a video and it'll freeze BUT I can still hear the dialogue. Only solution I've found so far is to do a hard shut down. HELP!!

    Hi there, im also having this problem, i tried running most of the games on my system, and some that are considered "high end" games, are giving me the exact same problem, but other games are running and im able to message fine, i also got some friends to send me messages, and i can recieve messages perfectly, also i noticed moving the actual window around on the screen or just closing down skype also lags. I have 16GB of ram and 4.4Ghz Octa-Core CPU, i checked my load while on the high end games and it there was more than enough hardware usage left like normal for skype to run, and skype wasnt taking any extra up than before. I also checked by bandwidth and i was having no problems with that as skype would lag even on offline games. 
    I have tried re-installing under a different directory and still the same problem persists, this has only been a problem within the last 24hrs and i haven't installed any other programs that could affect this at the moment.
    *UPDATE* I tried downgrading to an older version of skype, 6.3.0.107. Problem Still persists

Maybe you are looking for

  • Can't update ipod because required file can not be found! HELP!!!!!

    about a week ago i was deleting files on my computer to free up space. when i tried to update my iPod later it said that... The iPod can't be updated. The required file can not be found... i do not know what to do and i bought a lot of songs but i ca

  • The mysteries of auto sleep

    When I purchased my iMac it came with Leopard 10.5.6 and auto sleep worked without problems, but after updating to 10.5.7 my iMac no longer went to sleep automatically and this continued after 10.5.8. Updated my iMac to Snow Leopard 10.6, everything

  • Help!! New W530 and I have a recovery disc creation error?

    Hi, I just got a brand new W530 and got an error when creating the recovery discs.  Now the process won't restart.   Is there a solution?  The partition is still there but the wizard won't start up again so I can't give it another shot. Solved! Go to

  • Slideshow keeps repeating same photo

    On slide show the same photo keeps repeating, ive tried adjusting settings but can't fix problem thanks

  • F.05 Exch.Rate value issue

    Hi Gurus, I have a question on the exch. rate value on F.05 report. There are 2 Exch. rate columns on F.05 report. The value in second exchange rate column is a little offset. For the same accounting document and for the same posting period it displa