Operating Systems Linux SFTP user access restriction to his home dir Post 302423396 by pashy on Friday 21st of May 2010 02:58:59 AM
SFTP user access restriction to his home dir

Hi Friends,
I have installed an FTP server on my Linux machine (Fedora 11).
I want the ftp users to be restricted to their own home dir using sftp.
But the said condition is met when the user logs in using ftp over port 21 and when the user logs in using sftp i.e. protocol 22, he/she has readable (downloadable) access to the upper dirs as well. In short the user is able to traverse through the file system using sftp. I have chrooted the users as well.

Could you please advise me of the reason & the possible solution for this.

I am sorry, but let me inform you all that I am very new to Linux & installing FTP for the 1st time, so could you please be more specific about the commands & every step involved with the appropriate prompts (dirs).

Thanks in advance.
Pashy
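
A chroot configured in the FTP daemon covers only port 21 logins; SFTP sessions on port 22 are served by sshd, which needs its own jail. The script below is an added example, not part of the original post: it audits sshd_config text for such a jail. The group name `sftponly` and both sample configs are constructed, and it assumes an OpenSSH release that supports `ChrootDirectory` and `internal-sftp`.

```sh
#!/bin/sh
# Added example: report whether sshd_config text jails SFTP logins for a group.
# Group name "sftponly" and both sample configs are constructed for illustration.

# Constructed sample: chroot exists only in the FTP daemon; sshd has no jail.
weak_config() {
cat <<'EOF'
Subsystem sftp /usr/libexec/openssh/sftp-server
PasswordAuthentication yes
EOF
}

# Constructed sample: sshd itself confines members of the group.
# sshd requires every component of the ChrootDirectory path to be root-owned
# and not writable by group or others, otherwise the login is refused.
hardened_config() {
cat <<'EOF'
Subsystem sftp internal-sftp
Match Group sftponly
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no
EOF
}

# usage: audit_sftp_chroot GROUP < sshd_config
# Handles the simple "Match Group NAME" form only (no patterns or lists).
audit_sftp_chroot() {
    awk -v grp="$1" '
        /^[ \t]*#/ { next }                       # skip comment lines
        { key = tolower($1) }                     # keywords are case-insensitive
        key == "match" {                          # a Match block runs to the next Match
            in_blk = (tolower($2) == "group" && $3 == grp)
            if (in_blk) seen = 1
            next
        }
        in_blk && key == "chrootdirectory" && tolower($2) != "none" { jail = 1 }
        in_blk && key == "forcecommand" && $2 == "internal-sftp"    { forced = 1 }
        END {
            if (!seen)        print "UNRESTRICTED: no Match Group " grp " block"
            else if (!jail)   print "UNRESTRICTED: block has no ChrootDirectory"
            else if (!forced) print "PARTIAL: chroot set, ForceCommand internal-sftp missing"
            else              print "JAILED"
        }'
}

for cfg in weak_config hardened_config; do
    printf '%-16s %s\n' "$cfg" "$("$cfg" | audit_sftp_chroot sftponly)"
done
```

To check a live server, feed it the real file: `audit_sftp_chroot sftponly < /etc/ssh/sshd_config`.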
 

sftp(1)                          User Commands                          sftp(1)

NAME
     sftp - secure file transfer program

SYNOPSIS
     sftp [options] [user@]host[:dir[/]]

     sftp [options] [user@]host[:file1 [file1 [file | dir2]]

DESCRIPTION
     The sftp utility is an interactive file transfer program with a user interface similar to ftp(1) that uses the ssh(1) command to create a secure connection to the server.

     sftp implements the SSH File Transfer Protocol as defined in IETF draft-ietf-secsh-filexfer. There is no relationship between the protocol used by sftp and the FTP protocol (RFC959) provided by ftp(1).

     The first usage format causes sftp to connect to the given host and enter an interactive mode. If a username was provided then sftp tries to log in as the given user. If a directory is provided then sftp tries to change the current directory on the server to the given directory before entering the interactive mode.

     The second usage format retrieves the given file from the server and copies it to the given target file or directory on the client. If a username is given sftp tries to log in as the given user.

OPTIONS
     The following options are supported:

     -1
          Specifies the use of protocol version 1.

     -b batchfile
          Batch mode reads a series of commands from an input batchfile instead of stdin. Since it lacks user interaction, it should be used in conjunction with non-interactive authentication. sftp aborts if any of the following commands fail: get, rm, and lmkdir.

     -B buffer_size
          Specifies the size of the buffer that sftp uses when transferring files. Larger buffers require fewer round trips at the cost of higher memory consumption. The default is 32768 bytes.

     -C
          Enables compression, using the -C flag in ssh(1).

     -F ssh_config
          Specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh(1).

     -o ssh_option
          Specifies an option to be directly passed to ssh(1).

     -P sftp_server path
          Executes the given path as an sftp-server and uses a pipe, rather than an ssh connection, to communicate with it. This option can be useful in debugging the sftp client and server. The -P and -S options are mutually exclusive.

     -R num_requests
          Specifies how many requests can be outstanding at any one time. Increasing this can slightly improve file transfer speed but increases memory usage. The default is 16 outstanding requests.

     -S ssh program path
          Uses the given program instead of ssh(1) to connect to the sftp server. The -P and -S options are mutually exclusive.

     -s subsystem | sftp_server
          Specifies the SSH2 subsystem or the path for an sftp server on the remote host. A path is useful for using sftp over protocol version 1, or when the remote sshd does not have an sftp subsystem configured.

     -v
          Raises logging level. This option is also passed to ssh(1).

OPERANDS
     The following operands are supported:

     hostname | user@hostname
          The name of the host to which sftp connects and logs into.

INTERACTIVE COMMANDS
     Once in interactive mode, sftp understands a set of commands similar to those of ftp(1). Commands are case insensitive and pathnames can be enclosed in quotes if they contain spaces.

     bye
          Quits sftp.

     cd path
          Changes remote directory to path.

     lcd path
          Changes local directory to path.

     chgrp grp path
          Changes group of file path to grp. grp must be a numeric GID.

     chmod mode path
          Changes permissions of file path to mode.

     chown own path
          Changes owner of file path to own. own must be a numeric UID.

     help
          Displays help text.

     get [flags] remote-path [local-path]
          Retrieves the remote-path and stores it on the local machine. If the local path name is not specified, it is given the same name it has on the remote machine. If the -P flag is specified, then the file's full permission and access time are copied too.

     lls [ls-options [path]]
          Displays local directory listing of either path or current directory if path is not specified.

     lmkdir path
          Creates local directory specified by path.

     ln oldpath newpath
          Creates a link from oldpath to newpath.

     lpwd
          Prints local working directory.

     ls [flags] [path]
          Displays remote directory listing of either path or current directory if path is not specified.

     lumask umask
          Sets local umask to umask.

     mkdir path
          Creates remote directory specified by path.

     put [flags] local-path [local-path]
          Uploads local-path and stores it on the remote machine. If the remote path name is not specified, it is given the same name it has on the local machine. If the -P flag is specified, then the file's full permission and access time are copied too.

     pwd
          Displays remote working directory.

     exit
          Quits sftp.

     quit
          Quits sftp.

     rename oldpath newpath
          Renames remote file from oldpath to newpath.

     rmdir path
          Removes remote directory specified by path.

     rm path
          Deletes remote file specified by path.

     symlink oldpath newpath
          Creates a symbolic link from oldpath to newpath.

     ! command
          Executes command in local shell.

     !
          Escapes to local shell.

     ?
          Synonym for help.

EXIT STATUS
     The following exit values are returned:

     0    Successful completion.

     1    An error occurred.

ATTRIBUTES
     See attributes(5) for descriptions of the following attributes:

     +-----------------------------+-----------------------------+
     |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
     +-----------------------------+-----------------------------+
     |Availability                 |SUNWsshu                     |
     +-----------------------------+-----------------------------+
     |Interface Stability          |Evolving                     |
     +-----------------------------+-----------------------------+

SEE ALSO
     ftp(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), attributes(5)

     To view license terms, attribution, and copyright for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed location.

AUTHOR
     Damien Miller

SunOS 5.10                         15 Sep 2004                         sftp(1)