git_clone/handy-sshd
1
0
Fork 0
mirror of https://github.com/nwtgck/handy-sshd.git synced 2025-06-08 07:03:04 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

docs: permissions

Browse source
This commit is contained in:
Ryo Ota 2023-08-09 20:52:35 +09:00
parent 1143b17071
commit ba76a4552f
1 changed files with 30 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
README.md
View file

@ -40,6 +40,25 @@ handy-sshd -p 2222 --user "john:" --user "alice:"
handy-sshd --unix-socket /tmp/my-unix-socket --user "john:"
```
## Permissions
There are some permissions.
* --allow-direct-tcpip
* --allow-execute
* --allow-sftp
* --allow-tcpip-forward
All permissions are allowed when nothing is specified.
Specifying `--allow-direct-tcpip` and `--allow-execute` allows only "direct-tcpip" and command executions.
The log shows "allowed: " and "NOT allowed: " permissions as follows.
```console
$ handy-sshd --user "john:" --allow-direct-tcpip --allow-execute
2023/08/09 20:49:35 INFO listening on :2222...
2023/08/09 20:49:35 INFO allowed: "direct-tcpip", "execute"
2023/08/09 20:49:35 INFO NOT allowed: "tcpip-forward", "sftp"
```
## --help
```
@ -49,6 +68,10 @@ Usage:
handy-sshd [flags]
Flags:
--allow-direct-tcpip client can use local forwarding and SOCKS proxy
--allow-execute client can use shell/interactive shell
--allow-sftp client can use SFTP and SSHFS
--allow-tcpip-forward client can use remote forwarding
-h, --help help for handy-sshd
--host string SSH server host (e.g. 127.0.0.1)
-p, --port uint16 SSH server port (default 2222)