I don't know about only scp, but I had a similar situation trying to limit 
what certain remote users were able to do.  I tried in vain to find a way 
to do a chroot'ed shell.  In the end I created a bin direcotory under the 
users directory, created links in the bin directory for the things the 
users needed to run and changed their path to include only the new ~/bin 
direcotry.

Perhaps not the most elegant situation, but the users that I was allowing 
to access weren't that technically savvy and it helped me get what I needed 
to get done in a short period of time.

Hope this helps.

Patrick

At 01:01 PM 04/12/2002 -0700, you wrote:
>moin, moin,
>
>is there a way to reliably allow only scp?
>
>Also, what about a very restricted shell? I want to be able to say explicity
>what they're allowed to run. The specific commands will actually be sudo
>stuff.
>
>ciao,
>
>der.hans
>--
>#  This line intentionally left blank.
>#  If you're not learning, you're not living. - der.hans
>
>________________________________________________
>See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't 
>post to the list quickly and you use Netscape to write mail.
>
>PLUG-discuss mailing list  -  PLUG-discuss@lists.plug.phoenix.az.us
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss