This docuement will show you how to restrict any account to cvs, scp, sftp and/or rsync protocols only.


Explanation of requirements.

  1. Root or appropriate sudo access to the system
  2. Internet access

Doing the Work

Basic description of what will be done and what is expected.

  1. Install rssh from
  2. yum localinstall

  3. Edit /etc/rssh.conf and /etc/passwd:
  4. Uncomment these lines from the top of /etc/rssh.conf:

    Replace these lines from the top of /etc/passwd:
    replace: /bin/bash
    with: /usr/bin/rssh


  5. Restart sshd and attempt to connect from a remote system using sftp and ssh:

Troubleshooting / Testing

Explanation troubleshooting basics and expectations.

  1. Make sure your firewall or denyhosts has not banned or blocked your ip:
  2. iptables -L INPUT -v -n
    tail -f /etc/hosts.deny

  3. Restart sshd, make sure your password is correct for user:
  4. systemctl restart sshd.service
    sudo passwd new_user


We test this stuff on our own machines, really we do. But you may run into problems, if you do, come to #centoshelp on

Last Modified: 25 Dec, 2015 at 00:45:37