Re: setting up chroot jail for ssh
Alexandru Cabuz <alexcabuz@wanadoo.fr> wrote
on 14.04.2005 11:14:22:
> > You could put your needed commands into the home-directory or
into
> > /etc/skel to add the needed files, whenever a new user is created.
>
> What would be the "needed commands"?
> bash,ls,cd,cp,mv that kind of stuff? Where would I put them?
this depends, what you want to allow to the users:
have a look at your commands, an where they reside
in your environment and just create the paths as needed.
e.g. you want the user to be able to use ssh, scp
and touch
So you create the following directories:
/etc/skel/usr/bin/
in here you copy ssh and scp
/etc/skel/bin/
in here you copy touch
If you create a new user, adduser will create a home-directory
by copying the /etc/skel - folder to /home/newusername
If you add the user to the group, which is shacc by
default, (adduser newusername groupname) then the user can login per ssh,
but will be jailed into his home-directory and has only the commands, you
gave him.
> In a /bin directory in the path of the user or
something like that?
>
> Alex.
>
I hope this is clear enough, otherwise
let me know...
Bye,
Andy
----------------------------------------------------------------------------
| Andreas Sumper
| Project Management / Security / Administration
|
| nimbus Development IT Consulting GmbH
| we unleash the power of domino
|
| Annenstrasse 30/1
| 8020 Graz
| Tel.: +43 (0) 316 714 255 -> DW 18
| Fax: +43 (0) 316 714 255 -> DW 4
| http://www.nimbus.at/
----------------------------------------------------------------------------
| sent through Lotus Notes 6.5.1
| using wine on a linux box
Reply to: