I want to lock down what a user can do when they ssh into my box. Pretty much so they can not do or see anything, but su to another user.
I'm allowing myself remote access to the box. I have 1 ssh user I use (sshd_config AllowUsers) and I log on using this user then su to my actual users I manage the box with.
I read about git shell creating a more secure shell where only git commands could be exec'd, is there something like that where I can lock down to just su?