Re: Need advice on setting of an SSH server for untrusted users

From: chabral (chabral_at_hotmail.com)
Date: 09/22/05


Date: Wed, 21 Sep 2005 20:32:39 -0300


"General Schvantzkoph" <schvantzkoph@yahoo.com> escribió en el mensaje
news:pan.2005.09.15.20.34.40.272260@yahoo.com...
> I've just set up an ssh server so that my customers can download code
> releases from me. I've set up ssh so that it requires rsa authentication.
> I've created a separate account and group for each customer and placed
> their public keys in their local ~/.ssh/authorized_keys file. The server
> machine is dedicated to this purpose, there is no sensitive data on the
> system. The system is running FC3 with all of the current patches.
>
> My question is there a way that I can restrict these users to scping files
> to and from their own directory? I don't want a user who has sshed into
> their account to be able to see any other directory or to access any other
> system on my network. Ideally I'd like to limit what they can to scp to
> and from their own directory and nothing else. I've seen mention of chroot
> jails on this group but I'm confused as to what they do exactly and how to
> set one up (assuming that's even the solution to this problem).
>

I've been using rssh for this purpose without problems since more than a
year.
Check this out:

http://sourceforge.net/projects/rssh/

Good luck,

--
chabral 


Relevant Pages

  • Need advice on setting of an SSH server for untrusted users
    ... I've just set up an ssh server so that my customers can download code ... I've created a separate account and group for each customer and placed ... My question is there a way that I can restrict these users to scping files ...
    (comp.os.linux.security)
  • Re: Why is Fedora not a Free GNU/Linux distributions?
    ... The purpose of "open source" is to counter the traditional closed source model of software. ... I'm sure that everyone who develops Free Software has their own ideas about what the purpose of that software is. ... As I enjoy the liberty to use my computers according to my own needs and desires, I believe that my customers should have the same liberty. ... I provide consulting, support, and application development to my customers. ...
    (Fedora)
  • Re: A small announcement
    ... >and M&S have trained staff for this purpose; ... >customers who have had breast surgery. ...
    (uk.media.radio.archers)
  • Re: OT Computers making life easier
    ... way to handle prescriptions. ... The purpose of "auto-attendants" is efficiency, ... "Customers" are always interrupting more important matters. ...
    (alt.home.repair)
  • Re: A small announcement
    ... M&S have trained staff for this purpose; especially for customers who ... have had breast surgery. ...
    (uk.media.radio.archers)