On Mon, Jun 28, 2004 at 08:21:31PM +0200, Robert Cates wrote:
Hi,
I don't exactly like the idea of having to setup a mini-system in
everybodies home dir, so maybe the Jailkit will be the answer.(?) Somehow
I'm a little surprised that the OpenSSH project hasn't provided this feature
in SSH and
On Mon, Jun 28, 2004 at 08:21:31PM +0200, Robert Cates wrote:
Hi,
I don't exactly like the idea of having to setup a mini-system in
everybodies home dir, so maybe the Jailkit will be the answer.(?) Somehow
I'm a little surprised that the OpenSSH project hasn't provided this feature
in SSH and
On Monday 28 June 2004 12.17, Robert Cates wrote:
I would like to know if there is a way to restrict user logins to
their home directories (or any other designated directory for that
matter) using sftp/ssh. I've got my ftp server configured so that
rssh is what you are looking for. Be sure to
Hi!
1.) Set users shell to /bin/false and add it to /etc/shells.
This will prevent ssh access for users, but allows ftp etc.
But what you are asking for is that (I think)
2.) http://chrootssh.sourceforge.net/index.php
Chroot your ssh for non-admin users by
- patching ssh
- replacing Users
Hi,
It sounds to me like you are looking for a chroot jail for some users.
apt-get install jailer
( jailer - Builds and maintains chrooted environments )
You will need to run a special daemon (jk_socketd) to log users into the
jail, but that is about the hardest part. I'll post my startup
John,
First off, I make a small mistake, the package I used was jailkit,
from either:
http://www.gnu.org/directory/All_Packages_in_Directory/jailkit.html
or
http://freshmeat.net/projects/jailkit/
It has tons of documentation to help you create a jailed environment,
including loading your jail
John,
Looks like there is a debian package created for jailkit now:
http://olivier.sessink.nl/jailkit/jailkit_0.9-1_i386.deb
md5 sums for these packages:
de67f1dbf6cec002290fe4faadf53821 jailkit_0.9-1_i386.deb
Mark
--- MB [EMAIL PROTECTED] wrote:
John,
First off, I make a small mistake,
/chrootedsftp.html but I'm
open to other maybe better ways.
Thanks again,
Robert
- Original Message -
From: MB [EMAIL PROTECTED]
To: Andreas John [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, June 28, 2004 6:47 PM
Subject: Re: restricting sftp/ssh login access
John,
First off, I
sftp/ssh login access
Hi, and thanks for the quick replies!
Just to be a bit clearer in what I'm asking: I would like to be able to
allow my customers to access their accounts (update their web sites) with
sftp which as I understand it is an extention to (Open)SSH, and
not FTP. I
know
?
I think my next e-mail will be to the OpenSSH project ;-)
Thanks,
Robert
- Original Message -
From: Andreas John [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: Robert Cates [EMAIL PROTECTED]
Sent: Monday, June 28, 2004 2:28 PM
Subject: Re: restricting sftp/ssh login access
Hi!
1.) Set
]
Subject: Re: restricting sftp/ssh login access
Hi, and thanks for the quick replies!
Just to be a bit clearer in what I'm asking: I would like to be
able to
allow my customers to access their accounts (update their web
sites) with
sftp which as I understand it is an extention to (Open)SSH
how about using rbash? Only does the shell part, and it is not very hard
to break out of the jail, but then again, allowing shell when you think
users are going to purposely try to break it isn't a good idea...
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe.
but most of them wouldn't be using sftp anyways.
Cheers,
Ehren Wilson
-Original Message-
From: Robert Cates [mailto:[EMAIL PROTECTED]
Sent: Monday, June 28, 2004 12:22 PM
To: [EMAIL PROTECTED]
Cc: Andreas John
Subject: Re: restricting sftp/ssh login access
Hi,
I don't exactly like
On Monday 28 June 2004 12.17, Robert Cates wrote:
I would like to know if there is a way to restrict user logins to
their home directories (or any other designated directory for that
matter) using sftp/ssh. I've got my ftp server configured so that
rssh is what you are looking for. Be sure to
Hi!
1.) Set users shell to /bin/false and add it to /etc/shells.
This will prevent ssh access for users, but allows ftp etc.
But what you are asking for is that (I think)
2.) http://chrootssh.sourceforge.net/index.php
Chroot your ssh for non-admin users by
- patching ssh
- replacing Users
John,
First off, I make a small mistake, the package I used was jailkit,
from either:
http://www.gnu.org/directory/All_Packages_in_Directory/jailkit.html
or
http://freshmeat.net/projects/jailkit/
It has tons of documentation to help you create a jailed environment,
including loading your jail
John,
Looks like there is a debian package created for jailkit now:
http://olivier.sessink.nl/jailkit/jailkit_0.9-1_i386.deb
md5 sums for these packages:
de67f1dbf6cec002290fe4faadf53821 jailkit_0.9-1_i386.deb
Mark
--- MB [EMAIL PROTECTED] wrote:
John,
First off, I make a small mistake,
/chrootedsftp.html but I'm
open to other maybe better ways.
Thanks again,
Robert
- Original Message -
From: MB [EMAIL PROTECTED]
To: Andreas John [EMAIL PROTECTED]
Cc: debian-isp@lists.debian.org
Sent: Monday, June 28, 2004 6:47 PM
Subject: Re: restricting sftp/ssh login access
John,
First
Subject: Re: restricting sftp/ssh login access
John,
First off, I make a small mistake, the package I used was jailkit,
from either:
http://www.gnu.org/directory/All_Packages_in_Directory/jailkit.html
or
http://freshmeat.net/projects/jailkit/
It has tons of documentation to help you
?
I think my next e-mail will be to the OpenSSH project ;-)
Thanks,
Robert
- Original Message -
From: Andreas John [EMAIL PROTECTED]
To: debian-isp@lists.debian.org
Cc: Robert Cates [EMAIL PROTECTED]
Sent: Monday, June 28, 2004 2:28 PM
Subject: Re: restricting sftp/ssh login access
Hi
PROTECTED]
Subject: Re: restricting sftp/ssh login access
Hi, and thanks for the quick replies!
Just to be a bit clearer in what I'm asking: I would like to be
able to
allow my customers to access their accounts (update their web
sites) with
sftp which as I understand it is an extention
how about using rbash? Only does the shell part, and it is not very hard
to break out of the jail, but then again, allowing shell when you think
users are going to purposely try to break it isn't a good idea...
but most of them wouldn't be using sftp anyways.
Cheers,
Ehren Wilson
-Original Message-
From: Robert Cates [mailto:[EMAIL PROTECTED]
Sent: Monday, June 28, 2004 12:22 PM
To: debian-isp@lists.debian.org
Cc: Andreas John
Subject: Re: restricting sftp/ssh login access
Hi,
I don't
23 matches
Mail list logo