\n\tHow do put a user into a restricted bash environment? Let's say for example for using the shell access only for SSH tunneling? Here a small howto:\n<\/p>\n
\n\tFirst you need to create a symlink called "rbash" as it does not exist on CentOS\/Fedora. If bash is invoked as rbash it automatically transforms into a restricted shell\n<\/p>\n
\n# ln -s \/bin\/bash \/bin\/rbash<\/pre>\n\n\tnow open your passwd file and change the shell to rbash and save, your line should then look like the following:\n<\/p>\n
\n<USER>:x:<UID>:<GID>::<HOMEDIR>:\/bin\/rbash<\/pre>\n\n\tNext step is to harden the bash for that previously mentioned user so that he cannot execute any commands:\n<\/p>\n
\n\topen .bashrc in the user's homefolder and change the "export PATH" line:\n<\/p>\n
\nexport PATH=~<\/pre>\n\n\tthis sets the path to the home folder. Now secure the file against further changes:\n<\/p>\n
\nchown root:<myuser> .bashrc\nchmod 640 .bashrc<\/pre>\n\n\tThat's it. now test it and the logged in user should not be able to execute any commands. More information about the restricted shell can be found here<\/a>.\n<\/p>\n
\n\tIf you want the user to execute specific commands use symlinks into his homefolder:\n<\/p>\n
\n# ln -s \/bin\/ping \/home\/<user>\/ping<\/pre>\n