paroxsitic |
04-03-2007 03:25 PM |
Locking SSH user to home directory.
It is my understanding that I have to look more into chroot. Upon research I've found chroot is used mostly for making community jails. That is, a directory like /home/jail is used as a fake root. Each user apart of the jail has a normal /home/jail/home/username home and it seems to them they are are not in a jail. It's mostly like this because jails require their own bin and lib files among other things, and this is also way you can pick and choose which commands your jailed users run.
I don't need some fancy emulated effect of a root. I am mostly interested in keeping users out of other users home directories. It would be ideal if by simply trying to cd out of their home directory they get a PERMISSION DENIED.
I have already achieved this with FTP by means of proftpd. Now I'd like this same setup for SSH and SFTP. Any and all information that contains the most basic and simplistic way I can set up this security will be appreciated.
|