On Wed, 13 May 2009 23:15:49 -0400, John C Nash <nashjc [ at ] uottawa [ dot ] ca> wrote: > I'm trying to get various statisticians to run performance tests on > their machinery and have my "tester" put the results (roughly 30K file > per run) onto my server. I can do this in a cross-platform way with scp > (pscp in Windows, not sure on Mac yet, but there should be an scp > client). However, this uses key pairs and possibly opens up the pseudo > user on my server. Does anyone have pointers to how to lock down > security holes? I'd like to avoid using web protocols and just keep ssh > open if I can. > I was looking around to see if you could do something similar to changing the users shell in /etc/passwd to /bin/false that would still allow SCP, then I came across 'scponly'. http://www.sublimation.org/scponly/wiki/index.php/Main_Page Also there is another similar one called 'rssh': http://www.pizzashack.org/rssh/ "rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. It now also includes support for rdist, rsync, and cvs. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. For a list of platforms on which rssh is known to work, see the Platform Support Page." Little bit of work to setup but either of these may be perfect for you... Cheers, Mark