> Actually...the first part should be possible. Just set the user's shell > to "/bin/false" so that they can't actually log into a shell.
In redhat user manager there was an option to put shell to /sbin/nologin but then I couldn't login even with sftp. I did little googling and found this: http://www.pizzashack.org/rssh/ dunno how secure it is but it works for restricting to sftp/ssh or scp. I can live with this but it would be nice to have an option that sftp users couldn't even change to directories they don't need to see... hopey > > > On Tue, Jan 21, 2003 at 02:12:25AM -0500, Esperanza Glass wrote: > > > I wanna add restricted openssh/sftp user who could only use sftp protocol and >would not be allowed to ssh/gain shell access to my box. Additionally user shouldn't >be able to see other directories on the system than his own. How can I do this? > > > > The short answer is you can't. There are some unsupported hacks that > > might help, but these can break anytime you do an ssh upgrade. > > > > Do a Google search for "ssh chroot" and you'll find some hits that help. > > There are also quite a few discussions in the archives about this topic. > > > > > > -- > Mike Burger > http://www.bubbanfriends.org > > Visit the Dog Pound II BBS > telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000 > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup Meet Singles http://corp.mail.com/lavalife -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list