[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setting up chroot jail for ssh







Alexandru Cabuz <alexcabuz@wanadoo.fr> wrote on 14.04.2005 11:14:22:

> > You could put your needed commands into the home-directory or into
> > /etc/skel to add the needed files, whenever a new user is created.
>
> What would be the "needed commands"?
> bash,ls,cd,cp,mv that kind of stuff? Where would I put them?

this depends, what you want to allow to the users:
have a look at your commands, an where they reside in your environment and just create the paths as needed.
e.g. you want the user to be able to use ssh, scp and touch
So you create the following directories:
/etc/skel/usr/bin/
in here you copy ssh and scp
/etc/skel/bin/
in here you copy touch

If you create a new user, adduser will create a home-directory by copying the /etc/skel - folder to /home/newusername

If you add the user to the group, which is shacc by default, (adduser newusername groupname) then the user can login per ssh, but will be jailed into his home-directory and has only the commands, you gave him.

> In a /bin directory in the path of the user or something like that?
>
> Alex.
>

I hope this is clear enough, otherwise let me know...

Bye,
Andy
----------------------------------------------------------------------------
| Andreas Sumper
| Project Management / Security / Administration
|
| nimbus Development IT Consulting GmbH
| we unleash the power of domino
|
| Annenstrasse 30/1
| 8020 Graz
| Tel.: +43 (0) 316 714 255 -> DW 18
| Fax: +43 (0) 316 714 255 -> DW 4
| http://www.nimbus.at/
----------------------------------------------------------------------------
| sent through Lotus Notes 6.5.1
| using wine on a linux box

Reply to: