Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
This is my problem,i need to give some user from other machine to my machine where they can get my data,but i want to give them only one dir where they can download file and i'm trying to use scp to this solution
Code:
[root@malick ~]# ssh -V
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
This is my problem,i need to give some user from other machine to my machine where they can get my data,but i want to give them only one dir where they can download file and i'm trying to use scp to this solution
Code:
[root@malick ~]# ssh -V
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
SCP uses SSH,and by SSH an user have full control over a terminal as a local user,so have you given him the root level access or any user level access ?
If you are giving root level access to other by ssh, then it's equivalent to root level access in local system.
So give the remote user an userlevel access permission. Then you can apply restriction on different folder by restricting permission.
Last edited by divyashree; 09-23-2010 at 08:26 AM.
SCP uses SSH,and by SSH an user have full control over a terminal as a local user,so have you given him the root level access or any user level access ?
i've created a particular user for him not a roor level access
Code:
So give the remote user an userlevel access permission. Then you can apply restriction on different folder by restricting permission.
i've completely blocked from logging in to my system by etc host and deny.but by having a non root access .he can't download other's home dir or so,but he can download /etc easily,
so my point is i want to give him only one folder other than that nothing
Because you are using the shell or scp, certain files must be available to support the session. The jail needs certain directories copied for the users commands to work.
See the manpage for sshd_config. The last paragraph in the ChrootDirectory section explains that you can do things easier if you only allow sftp, but not ssh or scp.
Code:
In the special case when only sftp is used, not ssh nor scp, it is possible to use ChrootDirectory %h or ChrootDirectory /some/path/%u. The file system
containing this directory must be mounted with options nodev and either nosuid or noexec. The owner of the directory should be the user. The ownership
of the other components of the path must fulfill the usual conditions. No aditional files are required to be present in the directory.
If you only want users to simply save or download files, you might consider using sftp instead of scp.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
