configpolicy

dustin

History

Dustin 0d30e54fd5 r/fileserver: Restrict non-administrators to SFTP Normal users do not need shell access to the file server, and certainly should not be allowed to e.g. forward ports through it. Using a `Match` block, we can apply restrictions to users who do not need administrative functionality. In this case, we restrict everyone who is not a member of the Server Admins group in the PYROCUFFLINK AD domain.	2024-02-01 10:29:32 -06:00
..
main.yml	r/fileserver: Restrict non-administrators to SFTP	2024-02-01 10:29:32 -06:00

Dustin 0d30e54fd5 r/fileserver: Restrict non-administrators to SFTP

Normal users do not need shell access to the file server, and certainly
should not be allowed to e.g. forward ports through it.  Using a `Match`
block, we can apply restrictions to users who do not need administrative
functionality.  In this case, we restrict everyone who is not a member
of the *Server Admins* group in the PYROCUFFLINK AD domain.

2024-02-01 10:29:32 -06:00

main.yml

r/fileserver: Restrict non-administrators to SFTP

2024-02-01 10:29:32 -06:00