Secure File Transfer & Jailed user accounts
montsegur
montsegur at nervesync.com
Sat Aug 27 02:28:58 MST 2005
Bryan,
Take a look at scponly. Its a alt shell that allows only scp/sftp
access, but not ssh shell access. It also comes with a document
building jails.
http://www.sublimation.org/scponly/
A search of FC4+scponly+RPM on google
<http://www.google.com/search?num=50&hl=en&lr=&q=scponly+AND+%28%22Fedora+Core+4%22+OR+FC4%29+AND+RPM&btnG=Search>
(tinyurl: http://tinyurl.com/7v3xh)
Ben
Bryan.ONeal at asu.edu wrote:
>Ok at this point I am willing to do anything, including wiping out my OS and
>starting from scratch.
>
>I need a way for users to access my box in a secure manor and upload / download
>files. But I also need to ensure that those users can never navigate above
>their home directory (I will have several users set to the same home)
>
>I can not get chroot to work for the life of me!
>
>Can any one offer some serious help and a bit of hand holding? And in this case
>assume I am a newb, and instructions like "copy the required files to the chroot
>jail" mean as much to me as "go a head and build the a coliseum and then fill it
>with lions" as I have no idea what are the minimum required file or where they
>are located. (Ok I do know how to copy files but lately I am feeling like that
>may be the extent of my knowledge)
>
>Currently I am using FC4 with ACL on the home directory, but I am willing to
>change to any system (as long as I can still use ACL) and I am no longer
>married to SSH, if it can be done with SCP easier, or even something else, then
>I am down. As long as my windows users can get their stuff with nothing more
>complex the FileZilla, then there should be no issue with trying something new.
> I would not even mind setting up SMB shares either if some one can tell me how
>to secure it.
>
>
>Thanks in advance,
> Bryan O'Neal
>
>BTW For the first person who can show me how to do this, I will cover your
>entier tab at the next Linux Happy Hour (Say in a month?)
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>To subscribe, unsubscribe, or to change you mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.plug.phoenix.az.us/pipermail/plug-discuss/attachments/20050827/7a178e07/attachment.htm
More information about the PLUG-discuss
mailing list