alt Hacker NewsGreat pointers, thank you
How would you go about allowing something like `ssh user@server "ls somefolder/"` but disallowing `ssh user@server "rm"`?
Similarly, allow `ssh user@server "mysql \"SELECT...\""`, but block `ssh user@server "mysql \"[UPDATE|DELETE|DROP|TRUNCATE|INSERT]...\""` ?
Ideally in a way that it can provide more autonomy for the agent, so that I need to review fewer commands
Replies
If you control the ssh server it can be configured to only allow what you want. Certainly tedious but I would consider it worth while as it stands with agents being well, agentic.
I don't know; I've never done something like that. If no one else answers, you can always ask Claude itself (or another chatbot). This kind of thing seems tricky to get right, so be careful!
Sounds like this might help: https://www.gnu.org/software/bash/manual/html_node/The-Restr...
I'm not familiar with rbash, but it seems like it can do (at least some of) what you want.