Default secure shell (SSH) access rights

Secure shell (SSH) access rights enable you to limit what users who are granted the PAM ssh or sshd right can do. These rights have no effect without the PAM ssh or sshd right. In addition, the default secure shell rights are only applicable for the Centrify-compiled version of OpenSSH.

For Linux and UNIX computers, the following predefined secure shell access rights are available:

  • dzssh-all grants access to all secure shell services.
  • dzssh-direct-tcpip allows local and dynamic port forwarding (ssh-L, ssh -D).
  • dzssh-exec allows command execution.
  • dzssh-scp allows secure copy (scp) operations.
  • dzssh-sftp allows secure file transfer (sftp) operations.
  • dzssh-shell allows secure terminal (tty/pty) connections.
  • dzssh-Subsystem allows an external subsystem except sftp subsystem which has its own right.
  • dzssh-tcpip-forward allows remote port forwarding (ssh -R).
  • dzssh-tunnel allows tunnel device forwarding.
  • dzssh-X11-forwarding allows X11 forwarding.