How do i restrict commands that a user can execute in ssh in ezsh shell ?
Restrict commands in ezsh jump server shell
1. Enable command guard from Ezeelogin GUI > Settings > General > Security > Command Guard > Enable
2. Add a command group from Ezeelogin GUI > Command Guard > Command Groups > Add Group
3. Add command from Ezeelogin GUI > Command Guard > Commands > Add command
For example, the following image shows regular expressions to block a user from executing the " kubectl " command with the " delete " option.
The following image shows another example of a regular expression to delete files and directories from the command line with '' rm -rf ''.
4. Add the command to Command Group from Ezeelogin GUI > Command Guard > Command group >Actions > Click on Commands icon
5. Edit the user, choose the command group and Allow / Disallow commands for the user.
Select the command group from the Drop down windows and select Allow / Disallow to allow or disallow commands in the command group selected
Allow will let the user execute only those commands matching the regular expression of commands in the command group
Disallow will prevent the user from executing any of the commands matching the regular expression of commands in the command group and will let the user execute all other commands.