Chroot environment for ssh

From: Philip Paeps (philip@paeps.cx)
Date: 08/15/02 

Date: Thu, 15 Aug 2002 15:43:41 +0200
From: Philip Paeps <philip@paeps.cx>
To: security@freebsd.org

Hi guys -

I'm in the process of setting up a form of fileserver, and I'd like for my
users to be able to work only in their home directories, not anywhere else. I
would like to use SSH for the connections, as opposed to FTP, but I don't want
users to be able to log into an interactive shell (only SCP/SFTP) and I don't
want them to 'escape' out of their home directories.

Anyone have any ideas on how I'd go about doing this? I've been fiddling with
chrsh (a 'chroot shell') but it's not really what I want.

(I was debating with myself whether to post this on -questions of -security, I
hope I chose wisely in the end).

Thanks!

 - Philip 

-- 
Philip Paeps
philip@paeps.cx
http://www.paeps.cx/
+32 486 114 720
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message