Secure File Transfer & Jailed user accounts

[der.hans]

Am 26. Aug, 2005 schwätzte Bryan.ONeal at asu.edu so:

> Ok at this point I am willing to do anything, including wiping out my OS and
> starting from scratch.
>
> I need a way for users to access my box in a secure manor and upload / download
> files.  But I also need to ensure that those users can never navigate above
> their home directory (I will have several users set to the same home)
>
> I can not get chroot to work for the life of me!

It's a good idea, but it's not necessary.

I'd suggest looking into a restricted shell. For instance, there's rbash (
look for it in the bash man page ).

I'm worried about one part, though.

###
       When a command that is found to be a shell script is executed (see
COM‐
       MAND EXECUTION above), rbash turns off any restrictions  in  the
shell
       spawned to execute the script.
###

So you just need to be able to write shell scripts to get around the
restrictions?

Hopefull sftp can be configured to do what you're wanting.

apt-cache search for filezilla returns nothing, so I don't know if
FileZilla can handle sftp. At least a few GUIs can.

ciao,

der.hans
-- 
#  https://www.LuftHans.com/    http://www.AZOTO.org/
#  "Communications without intelligence is noise;
#  Intelligence without communications is irrelevant."
#  Gen. Alfred. M. Gray, USMC