1 |
Jarry wrote: |
2 |
> Or is there maybe some other way how to create very restricted |
3 |
> account where user could not do anything else but call shutdown? |
4 |
|
5 |
- Create a local account for the user. |
6 |
- Disable local login (passwd -l). |
7 |
- Set up SSH public key authentication for the account. |
8 |
- In ~/.ssh/authorized_keys2 for the account, set the following |
9 |
attributes for the public key: |
10 |
|
11 |
command="/usr/bin/sudo shutdown -h |
12 |
now",no-pty,no-port-forwarding,no-X11-forwarding |
13 |
|
14 |
- Set up sudoers to allow the user to run "shutdown -h now". |
15 |
|
16 |
This should allow the user to shut down the box by simply ssh'ing into it. |
17 |
|
18 |
-- Remy |