LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 09-10-2003, 09:59 PM   #1
aeruzcar
Member
 
Registered: Jul 2003
Location: Santiago, Chile
Distribution: Gentoo
Posts: 282

Rep: Reputation: 30
Restrict Directories to users with SSH


Hi:
I am running SSHD and allow different people to login remotely. Is there a way to restrict them to specific directories?. For example if guestuser logs in, how can I allow him to search on his /home directory and another specific directory?. Also, is there a way for him to write in his home directory, but the other directory he can only read?
Thanks
I hope I explained myself well
 
Old 09-10-2003, 11:22 PM   #2
ranger_nemo
Senior Member
 
Registered: Feb 2003
Location: N'rn WI -- USA
Distribution: Kubuntu 8.04, ClarkConnect 4
Posts: 1,142

Rep: Reputation: 47
Create a new group, such as sshgroup, and add the users you want to it. Then, create a directory, such as /home/sshgroup, and chown it to root:sshgroup, and chmod it to 0750. This will give root full access to the directory, and the group read/execute access, but not write. Since users can't create files in this dir, you don't have to worry about changing the permissions on new files.
 
Old 09-10-2003, 11:49 PM   #3
aeruzcar
Member
 
Registered: Jul 2003
Location: Santiago, Chile
Distribution: Gentoo
Posts: 282

Original Poster
Rep: Reputation: 30
Thanks.
But what I want is something like this.
if I am guest, when I log in, I go to the /home/guest directory where I can read-write-execute, but I also can only read a specific directory. Is there a way to do that??
 
Old 09-11-2003, 12:12 AM   #4
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
I don't understand what your after here. You want a user to have full access to /home/user and then have a directory within /home/user that the user only has read privelages to? Right?

Like the user 'user' only has read privelages to /home/user/directory?
 
Old 09-11-2003, 10:38 AM   #5
aeruzcar
Member
 
Registered: Jul 2003
Location: Santiago, Chile
Distribution: Gentoo
Posts: 282

Original Poster
Rep: Reputation: 30
Yes, something like that. I want the user to read-write his home directory and to read only a completely different one.
/home/guest = read-write -execute
/files/music = read-only
And no permission to any other directories in the upper levels
 
Old 09-11-2003, 04:28 PM   #6
ranger_nemo
Senior Member
 
Registered: Feb 2003
Location: N'rn WI -- USA
Distribution: Kubuntu 8.04, ClarkConnect 4
Posts: 1,142

Rep: Reputation: 47
Well, they have to have normal user access to the upper directories to be able to do anything after they have SSHed into the system. They will need /bin, /usr, etc. It's just like they are logging-in to the computer at the keyboard... Each user will already have full access to his home dir. As root, make a /home/music and give it 0775 permission. This will allow anybody to read / execute in the directory.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
restrict/allow ssh users mike30188 Linux - Security 2 06-20-2005 09:37 PM
restrict unix users to ~ novaprime Linux - Software 20 01-26-2005 12:41 AM
Restrict users logging in by SSH tolindsey Linux - Security 4 08-12-2004 05:17 PM
restrict space for some users in directories CleonII Linux - Security 5 02-25-2004 11:08 AM
How to restrict email from users... Supp0rtLinux Linux - Software 1 01-08-2003 04:37 AM


All times are GMT -5. The time now is 08:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration