#StackBounty: #linux #ssh #permissions #user-accounts #centos-7 Bastion server: create users with the ability only to ssh destination s…

Bounty: 50

We have bastion server. We should have some users that need to SSH from local through bastion to C, using proxyCammand and private key.

I want to create users and group that should have access ONLY to ssh from the Bastion host (it happens via proxyCommand). They also don’t need to read files.

How can I do that? Is there a way?

The other alternative, if the above is not possible, is to have only read access for allowed files, except restricted files (defaulted by OS) that have read access only to there groups.

Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.