Confine user to certain folders only
Dear All,
I am centos 5.5 user. Now my problem I would like to give login for remote user both via ssh and sftp. So when this particular user login just would like them to see a particular number of folder and limit their access. Any idea I have read and google on chroot etc but I am confuse how to setup in centos 5.5? |
well what are you *SPECIFICALLY* confused about? http://erikeldridge.wordpress.com/20...on-centos-5-3/
|
Dear Kewpie,
I have visited this links n many more others. I am confuse what is difference between chroot and openssh. Chroot is techique or tool? Then how does openssh play its roles. I know centos 5.5 does now have the latest openssh so I must upgrade first rite? |
Based upon the questions you are asking, I think that this free PDF book may be beneficial to you: http://ftacademy.org/materials/fsm/13 It covers a lot of ground regarding Linux systems and will help you to rapidly come up to speed on subject like Linux file permissions and basic networking tools like SSH.
To answer your question directly, chroot (change-root) is both a technique and a tool to fork off a process and make a directory it's root file system. This can be done to both contain the process and to create a distinct environment for it to operate. OpenSSH is an SSH, Secure SHell application that allows remote users to login to the system and give them a shell prompt. Via this shell, users will have the same access as if they opened a shell prompt from the system keyboard. Their ability to see files will depend upon the file permissions. |
Quote:
|
Dear Noway2,
Now I am getting a clearer picture what this chroot is all about. Correct me here normally when we login we get to the root. So when this user log in their root is what that have been changed rite. So now my confusion is why a lot of article out there talks about upgrading openssh to version 5++ etc before can do chroot. |
Dear Kewpie,
I was confuse all these way cause all the article talks about openssh upgrade and some even talks on rssh. So now you told me there is no need to upgrade then how am I going to do it any link or steps for me to follow? Thank you. |
they aren't "upgrading", they are just installing from source, ignore those bits and just look at the bits relevant to sshd_config.
|
Dear Kewpie,
So you want me to get working on my /etc/ssh/ssh_config is it? So what you want me to update there? |
i want you to read a document and see for yourself, it's not exactly hard. http://v2.robbyt.com/2008/howto/chro...ith-openssh-5/
|
Dear Kewpie,
The article is talking about openssh >4.9 but mine I have checked OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008. So you ask me to concentrate sshd_config? Should I follow that article to upgrade or not? |
That is a good article that Acid_kewpie is referencing!
Quote:
|
Dear Noway2,
I am on a centos platform. So I should go n update my openssh first rite. So you doubt it could be updates is it? If I really can not find an update so what is your next advice? Upgrade the OS is it? Ok let me try to update and see if I can do it. |
shall I say AGAIN that you don't need to upgrade?? If the changes in the config file work, then they work. Why are you so keen to make one number the same as another number? that's just the version they happened to use in their guide. if you want to upgrade, then do so, nothing stopping you, but either way, just move on.
|
Quote:
newbie14, activating the desired feature is a matter of changing the configuration. Normally, in any sort of current version of SSH, it is not necessary to upgrade. Try making the configuration changes and if this feature doesn't work, THEN confirm the version of SSH you are using. You should be able to do this with the command ssh -V |
All times are GMT -5. The time now is 04:08 PM. |