I've setup a ssh server so that users can transfer files over Internet. My next step was to cage users so that they can not go outside specified folder. I've browsed the web about chroot and found several interesting howtos, but something went wrong... For example, I tried this http://www.ssh.com/support/documentation/online/ssh/adminguide/31/Using_Chro... and the problem is when I compile from SuSE's openssh-3.5p1-47.src.rpm (openssh-3.5p1) I don't get program ssh-chrootmgr which is needed to setup things. Also are missing ChRootUsers, ChRootGropus and ssh-dummy-shell. What I've done wrong?...or how to get that from SuSE distribution (8.2).
The 03.07.01 at 15:52, Dejan B wrote:
I've setup a ssh server so that users can transfer files over Internet. My next step was to cage users so that they can not go outside specified folder. I've
You can define their shell to be rbash, instead of bash (restricted bash). It can not change directory. -- Cheers, Carlos Robinson
Tnaks I'll try that. Carlos E. R. wrote:
The 03.07.01 at 15:52, Dejan B wrote:
I've setup a ssh server so that users can transfer files over Internet. My next step was to cage users so that they can not go outside specified folder. I've
You can define their shell to be rbash, instead of bash (restricted bash). It can not change directory.
Yast says that rbash doesn't exist. Search in yast to add that shell produced no results. Carlos E. R. wrote:
The 03.07.01 at 15:52, Dejan B wrote:
I've setup a ssh server so that users can transfer files over Internet. My next step was to cage users so that they can not go outside specified folder. I've
You can define their shell to be rbash, instead of bash (restricted bash). It can not change directory.
* Dejan B
Yast says that rbash doesn't exist. Search in yast to add that shell produced no results.
Carlos E. R. wrote:
The 03.07.01 at 15:52, Dejan B wrote:
I've setup a ssh server so that users can transfer files over Internet. My next step was to cage users so that they can not go outside specified folder. I've
You can define their shell to be rbash, instead of bash (restricted bash). It can not change directory.
/usr/bin/rbash bash-2.05b-38.i586.rpm SuSE 8.1 install disks pin rbash ./suse/i586/bash-2.05b-38.i586.rpm: lrwxrwxrwx root root 14 Sep 9 21:07 -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org
Yes...I've put /bin/rbash. It does cage me in the folder I specify, but I need that user can move to the folders that are inside his cage. rbash prohibits any cd command. Thanks Dejan Batic Patrick Shanahan wrote:
* Dejan B
[07-02-03 20:53]: Yast says that rbash doesn't exist. Search in yast to add that shell produced no results.
Carlos E. R. wrote:
The 03.07.01 at 15:52, Dejan B wrote:
I've setup a ssh server so that users can transfer files over Internet. My next step was to cage users so that they can not go outside specified folder. I've
You can define their shell to be rbash, instead of bash (restricted bash). It can not change directory.
/usr/bin/rbash bash-2.05b-38.i586.rpm SuSE 8.1 install disks
pin rbash ./suse/i586/bash-2.05b-38.i586.rpm: lrwxrwxrwx root root 14 Sep 9 21:07
The 03.07.03 at 14:25, Dejan B wrote:
Yes...I've put /bin/rbash. It does cage me in the folder I specify, but I need that user can move to the folders that are inside his cage. rbash prohibits any cd command.
Well... rbash allows scripts, and these are not restricted, I think. I'm not sure who can write and own the script, probably not the user. -- Cheers, Carlos Robinson
The 03.07.02 at 21:51, Dejan B wrote:
Yast says that rbash doesn't exist. Search in yast to add that shell produced no results.
Because it is a symlink to bash. Use "pin bash" and you will find it. cer@nimrodel:~> rbash cer@nimrodel:~> cd rbash: cd: restricted cer@nimrodel:~> exit cer@nimrodel:~> -- Cheers, Carlos Robinson
participants (3)
-
Carlos E. R.
-
Dejan B
-
Patrick Shanahan