08-25-2011
ssh jail user
I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still gain access to other directories. Even if they are using ssh from another unix system it only gives them access to the exact directory specified. They can't even loo in their own sub directories. Any help will be greatly appreciated. This is on a Solaris 10 X86 system.
8 More Discussions You Might Find Interesting
1. Linux
I created a user
useradd -d /disk2/ftpfiles me
How would i beable to jail me so he could not move arround my file system? (4 Replies)
Discussion started by: byblyk
4 Replies
2. Solaris
Hi Gurus,
I am creating a user for ftp only on Solaris 10. However while testing I can see user can reach to root directory.
I followed following while creating the user
1 Created a shell in /usr/bin/ftponly as chmod a+x to ftponly
2 Placed the entry in /etc/shells
... (2 Replies)
Discussion started by: kumarmani
2 Replies
3. UNIX for Dummies Questions & Answers
Hi, I was wondering how to change the prompt for my ssh login. At the moment it is like
user>
while I'd like it to be as
user@host>
It is in the .bash_profile or .ssh ??? Thanks (2 Replies)
Discussion started by: pmasterkim
2 Replies
4. UNIX for Advanced & Expert Users
Hi all,
I have a Solaris 10 server with SUN_SSH_1.1 installed.
I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work.
... (2 Replies)
Discussion started by: Donkey25
2 Replies
5. Debian
Firstly Hi everyone :)
I setup SFTP and SSH jail using this tutorial:
http://www.howtoforge.com/chrooted-ssh-sftp-tutorial-debian-lenny
SFTP jail works however now when I try to SSH it accepts my password and then just goes to a blank screen. Type any command and the shell session is... (11 Replies)
Discussion started by: pokey144
11 Replies
6. AIX
Hi,
We have a requirement to do passwordless entry from one user to a different user on the same AIX server using ssh keys.
Can some one help me with this?
Thanks in advance,
Panditt (3 Replies)
Discussion started by: deshaipet
3 Replies
7. Cybersecurity
Hi all,
I want to jail a process in his folder, so he can't have any link with a parent folder.
Ex. If i'm a hacker, and I can upload my script & and I can start it, i'll could go to ../, /etc/passwd, etc..
So what I did is to chroot the process :
I copied all libraries used by the... (1 Reply)
Discussion started by: Deb.I.am
1 Replies
8. Cybersecurity
Hello people,
I'm creating a web game control panel, where people can manage their gameserver on a php made control panel.
But i have no idea how to create an jailed inviroment for the gameserver,
I've looked at possebilites for chroot, but i don't want the gameserver has any binaries of linux... (1 Reply)
Discussion started by: gm33
1 Replies
LEARN ABOUT DEBIAN
ssh-copy-id
SSH-COPY-ID(1) General Commands Manual SSH-COPY-ID(1)
NAME
ssh-copy-id - install your public key in a remote machine's authorized_keys
SYNOPSIS
ssh-copy-id [-i [identity_file]] [user@]machine
DESCRIPTION
ssh-copy-id is a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's ~/.ssh/autho-
rized_keys file.
If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in your
ssh-agent. Otherwise, if this:
ssh-add -L
provides any output, it uses that in preference to the identity file.
If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fin-
gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
if necessary.)
NOTES
This program does not modify the permissions of any pre-existing files or directories. Therefore, if the remote sshd has StrictModes set in
its configuration, then the user's home, ~/.ssh folder, and ~/.ssh/authorized_keys file may need to have group writability disabled manu-
ally, e.g. via
chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys
on the remote machine.
SEE ALSO
ssh(1), ssh-agent(1), sshd(8)
OpenSSH 14 November 1999 SSH-COPY-ID(1)