Re: Secure File Transfer & Jailed user accounts

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM\Craig White at <-
.MM 
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: montsegur
Date:  
To: Main PLUG discussion list
Subject: Re: Secure File Transfer & Jailed user accounts
Bryan,
Take a look at scponly.  Its a alt shell that allows only scp/sftp
access, but not ssh shell access.  It also comes with a document
building jails.
    http://www.sublimation.org/scponly/
    A search of  FC4+scponly+RPM on google
<http://www.google.com/search?num=50&hl=en&lr=&q=scponly+AND+%28%22Fedora+Core+4%22+OR+FC4%29+AND+RPM&btnG=Search>
(tinyurl: http://tinyurl.com/7v3xh)


Ben

wrote:

>Ok at this point I am willing to do anything, including wiping out my OS and
>starting from scratch.
>
>I need a way for users to access my box in a secure manor and upload / download
>files. But I also need to ensure that those users can never navigate above
>their home directory (I will have several users set to the same home)
>
>I can not get chroot to work for the life of me!
>
>Can any one offer some serious help and a bit of hand holding? And in this case
>assume I am a newb, and instructions like "copy the required files to the chroot
>jail" mean as much to me as "go a head and build the a coliseum and then fill it
>with lions" as I have no idea what are the minimum required file or where they
>are located. (Ok I do know how to copy files but lately I am feeling like that
>may be the extent of my knowledge)
>
>Currently I am using FC4 with ACL on the home directory, but I am willing to
>change to any system (as long as I can still use ACL) and I am no longer
>married to SSH, if it can be done with SCP easier, or even something else, then
>I am down. As long as my windows users can get their stuff with nothing more
>complex the FileZilla, then there should be no issue with trying something new.
> I would not even mind setting up SMB shares either if some one can tell me how
>to secure it.
>
>
>Thanks in advance,
>       Bryan O'Neal

>
>BTW For the first person who can show me how to do this, I will cover your
>entier tab at the next Linux Happy Hour (Say in a month?)
>---------------------------------------------------
>PLUG-discuss mailing list -
>To subscribe, unsubscribe, or to change you mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-land line converterRe: land line converter->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)