LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-04-2009, 06:14 PM   #1
Brandon.Wamboldt
Member
 
Registered: Apr 2009
Posts: 30

Rep: Reputation: 15
Permissions on /etc and other folders


I plan on allowing certain users to have ssh access to my server. I am going to configure an ssh jail for them, but to have extra security, which directories are safe to chmod to x00?

I doubt that I can chmod /etc/ to x00, but any other directories?

Thanks

Also, what should I use to chroot a user into his/her home directory of /home/sshusers/<user>. I need them to be able to follow symlinks

Last edited by Brandon.Wamboldt; 05-04-2009 at 06:16 PM.
 
Old 05-04-2009, 07:14 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
To understand better, could you indicate what business these users have on the server? I mean is this like a regular shell hosting job, is it part of webhosting, are they developers or system admins? And what distribution+release would the machine run?
 
Old 05-04-2009, 07:24 PM   #3
Brandon.Wamboldt
Member
 
Registered: Apr 2009
Posts: 30

Original Poster
Rep: Reputation: 15
I am a web developer, and I host all of my clients. Some of them wish to have shell access for developing and testing cgi applications, and editing files securely if they don't have access to FTP.

I am running CentOS 5.3
 
Old 05-04-2009, 07:51 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
Well, there's restricted shells like Rssh (http://www.cyberciti.biz/tips/rhel-c...ell.html/print), "oldschool" chrooting (http://wiki.linuxquestions.org/wiki/OpenSSH_chrooting) which requires patching OpenSSH and OpenSSH-5 acquired the "ChrootDirectory" directive in 2008 allowing you to chroot users without intervention from other software. Unfortunately that version of OpenSSH is not in 5.3 repo's I know of (I don't use EPEL, CentOSPlus or Singh's repo so do check). With a .spec from a current OpenSSH .src.rpm I think building that version would be easy or apparently recent Fedora RPM could be rebuilt in Centos.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
change permissions of all folders and sub folders cad Linux - General 3 01-28-2007 11:21 AM
permissions of files and folders binary_dreamer Linux - General 2 04-06-2006 12:13 AM
Permissions of new folders through samba doctorwebbox Linux - Networking 9 08-10-2004 01:46 AM
Settign permissions on folders reddog64 Linux - Newbie 3 04-19-2004 03:23 PM
Permissions for folders geolew Red Hat 4 09-03-2003 10:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 04:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration