On Thu, 30 Aug 2012 14:37:34 +0100, Roger Lynn wrote: > I want to force everyone except members of a particular group to run > sftp when they ssh into a server. So at the end of /etc/ssh/sshd_config > I have: > > Match Group !sshers > ForceCommand /usr/lib/openssh/sftp-server > > However I can't get the group negation to work. If I remove the '!' it > works as expected, in that members of sshers are forced to run sftp. > With the '!' the condition is never met, no one is forced to run sftp > and the whole stanza appears to do nothing. > > The documentation on the Match keyword is not very helpful, but it > appears that the above should be allowed. What am I doing wrong? Is it a > bug?
(...) Agree, it could have been better docummented as Oracle did by adding some practical samples for their SunOS package: *** http://docs.oracle.com/cd/E19082-01/819-2251/6n4i7tddd/index.html Displaying a special banner for users not in the staff group: Match Group *,!staff Banner /etc/banner.text *** Check if that also works for you. Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/k1o265$pns$9...@ger.gmane.org
