I have limited experience in linux but I'll find my way around if kicked in the right direction, I hope. ;)
I'd want to open a ssh port to my homebox for external staff and some friends. I don't suppose they'll try to be funny but safe is better than sorry.
For this I created a group "external" and userids like "staff01".
How can I keep them from walking around in my system ? They should only be able to drop and collect documents which are in their home-directory.
there are two buzzwords: "restricted shells" and "chroot jails" that should let you go to the right direction. Furthermore you can assign your friends to a group friends and your staff to group staff. Both groups should'nt have any access rights elsewhere but in their homedir. Michael