Re: locking an SFTP user into only one directory.

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Ben Trussell
Date:  
To: amit, Main PLUG discussion list
Subject: Re: locking an SFTP user into only one directory.
This might be helpful. Basically you create a mini environment for the
user, then on login the user is restricted to only that environment in
terms of scope (they don't 'see' the rest of the server's filesystems).

http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/


On Wed, Apr 30, 2014 at 4:19 PM, Amit Nepal <> wrote:

> A while back, I had done this to restrict to a particular directory ,
> but it may not be ideal for you as you already have some parent
> directories, but you can give a try :
>
> http://www.amitnepal.com/chrooting-users-with-sftp/
>
> Or , you may be able to mount that directory somewhere else and give
> access like this :
> http://www.amitnepal.com/ftp-access-to-files-outside-base-directory/
>
> Just look at this part :
>
> mkdir /home/username/extraaccess
>
> mount --bind /folder/to/grant/access/ /home/username/extraaccess
>
> Thanks
>
>
>
> *Amit K Nepal Chief Information Officer (RHCE, CCENT, C|EH, C|HFI, GIAC
> ISO 27000 Specialist) omNovia Technologies Inc. *
> On 4/30/2014 3:54 PM, keith smith wrote:
>
>
> Hi I'm using CentOS 6.5 and we use the users home dir + "public_html" as
> the docroot for our websites like this:
>
> /home/user_name/public_html
>
> We are using SSH for SFTP. Each host has only one SFTP user.
>
> What I need to do is add a directory, lets call it uploads like this:
>
> /home/user_name/public_html/uploads
>
> Any content in uploads must be accessible to Apache so it can be
> displayed.
>
> And I would like to add a user that can only access
> /home/user_name/public_html/uploads and would be able to add/edit/remove
> any files in just the uploads directory.
>
> I thought of a link, however that did not work. I created a user
> uploads which created a home dir /home/uploads and I tried to link that to
> /home/user_name/public_html/ which created
> /home/user_name/public_html/uploads . This did not work.
>
> I hope this makes sense.
>
> Any suggestions?
>
> Thanks in advance!!
>
> Keith
>
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>




--
---
Ben

python -c "exec(\"import math\\nprint ''.join(map(lambda x: chr(x), (
(ord('a')-(3*5)), int(math.sqrt(math.pi*76)*5+2),
int(math.ceil(math.e)*28), int(math.floor(math.e)*35),
long(abs(4%3*35+3)*2))))\")"
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss