configpolicy

dustin

History

Dustin 0d30e54fd5 r/fileserver: Restrict non-administrators to SFTP Normal users do not need shell access to the file server, and certainly should not be allowed to e.g. forward ports through it. Using a `Match` block, we can apply restrictions to users who do not need administrative functionality. In this case, we restrict everyone who is not a member of the Server Admins group in the PYROCUFFLINK AD domain.	2024-02-01 10:29:32 -06:00
..
sftp-only.sshd_config.j2	r/fileserver: Restrict non-administrators to SFTP	2024-02-01 10:29:32 -06:00
shares.conf.j2	roles/fileserver: Deploy Samba file server	2018-08-01 22:04:07 -05:00

Dustin 0d30e54fd5 r/fileserver: Restrict non-administrators to SFTP

Normal users do not need shell access to the file server, and certainly
should not be allowed to e.g. forward ports through it.  Using a `Match`
block, we can apply restrictions to users who do not need administrative
functionality.  In this case, we restrict everyone who is not a member
of the *Server Admins* group in the PYROCUFFLINK AD domain.

2024-02-01 10:29:32 -06:00

sftp-only.sshd_config.j2

r/fileserver: Restrict non-administrators to SFTP

2024-02-01 10:29:32 -06:00

shares.conf.j2

roles/fileserver: Deploy Samba file server

2018-08-01 22:04:07 -05:00