LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-12-2004, 09:54 AM   #1
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Rep: Reputation: 15
restricting ssh users from certain programs/files


hi all. i want to restrict my other ssh users from certain files, directories and programs. problem is i dont know exactly the way to approach this.

i have 3 users that can log into linux...root, nixel, and shyet. nixel and shyet are under the group names "users". users can run nmap and view certain files. what if i want shyet unable to view/run a file, but i want nixel to be able to view/run a file while still being a regular user and without root priv? how do i go about setting permissions?

i was thinking making a new group "remote" set aside for my ssh users. if this is the solution, how do i go about making a group? i know it has something to do with /etc/group file but i want this "remote" group to have less priveledges than the "users" group. i dont know what to put in the file.

thanks in advance.
 
Old 05-12-2004, 11:18 AM   #2
Technoslave
Member
 
Registered: Dec 2003
Location: Northern VA
Posts: 493

Rep: Reputation: 30
Well, first, you shouldn't be logging in as root, you should be logging in as yourself and then using sudo to run anything you need to as root.

That's the first biggy.

As to your answer, SSH is nothing more than a transport. It's not a shell. What you're looking for is a customized shell. Do a search on customized shell, restricted shell, things of that nature, I've seen it posted here a few times, you should be able to get a couple of hits.
 
Old 05-12-2004, 01:29 PM   #3
iainr
Member
 
Registered: Nov 2002
Location: England
Distribution: Ubuntu 9.04
Posts: 631

Rep: Reputation: 30
Hi nixel,

What you're trying to achieve is reasonably straight forward; find a website that explains file permissions, users and groups and make sure you understand that; it should give you enough information to do not only what you want here, but any other variations that come along.
 
Old 05-12-2004, 03:01 PM   #4
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Original Poster
Rep: Reputation: 15
got it thanks guys. i set all remote users to the group "remote" and chgrp local <dir> to set "local" group as ownership so "remote" group cant access.

i have another question though. how do i search for files with read, write, or exec in 'others'? ie. ( -rwxr-xr-x...search for anything read,write,OR exec )
 
Old 05-12-2004, 10:00 PM   #5
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
find / -xdev -perm 0764
will locate all files with rwxrw-r--

The permissions listed as octal numbers will match exactly. If you are just interested in the others permissions mask, use a symbolic argument.

To see which files are world readable: find / -xdev -perm -o+r
 
Old 05-13-2004, 12:54 AM   #6
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Original Poster
Rep: Reputation: 15
the find command seems to use a lot of memory! thanks for the responses. and the explanation of symbolic argument. just what i was looking for.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Restricting users? sdouble Linux - Newbie 5 07-05-2006 06:48 PM
Restricting su to certain users roadin SUSE / openSUSE 4 03-15-2005 12:17 PM
restricting users actions... know of any programs.. for both win/lunix nicknamefij Linux - Security 5 09-16-2004 10:58 PM
restricting ssh macie Linux - Networking 1 12-09-2003 11:34 PM
Restricting FTP Users mtellin Linux - Networking 1 02-28-2002 08:54 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration