Therefore, I was wondering if it is possible to only restrict “localhost” with the Terminal/Shell App?
We would prefer not to allow users to ssh to various different hosts from OOD, so any suggestions are welcome!
Yes, you can now just in 1.7! However, given the other topic about sshing into localhost, I’d discourage localhost in favor of the fqdn rhino-ood-unl.edu.
In any case, you can use a script wrapper that can check what host you’re trying to shell into and kick out if there’s some issue. The host should be $1 (the first argument).
@jeff.ohrstrom, thanks again for the prompt reply - I will give that a try!
Regarding the “localhost” thing - I talked to our system administrator, and he set HostBasedAuthentication on the OOD node to be allowed from the local machine (localhost). We tested it, and since that is the first authentication method that will be tried, as long as that works, users’ public keys won’t be used. He did some additional magic as well, so I believe using “localhost” is ok for us. We don’t have OOD in production yet which makes things easier - all my questions are coming from playing with the test instance we have.