GNU Rush is a Restricted User Shell, designed for sites providing limited remote access to their resources, such as, for example, savannah.gnu.org. Its main program, rush, is configured as a user login shell for users that are allowed only remote access to the machine. Using a flexible configuration file, GNU Rush gives administrator complete control over the command lines that users execute, and allows to tune the usage of system resources, such as virtual memory, CPU time, etc. on a per-user basis.
In particular, GNU Rush allows to run remote programs in a chrooted environment, which helps tighten security when offering access over such programs as sftp-server or scp, that access the entire file system by default.
Another important feature of rush is notification. It allows to notify another processes via an INET or UNIX socket about termination of the user session.
All accesses via rush are monitored. GNU Rush includes two programs that help visualize the history of accesses: rushwho, which displays the list of currently logged in users, and rushlast, which shows the history of accesses. The output format of both utilities is configurable.