08-25-2011
ssh jail user
I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still gain access to other directories. Even if they are using ssh from another unix system it only gives them access to the exact directory specified. They can't even loo in their own sub directories. Any help will be greatly appreciated. This is on a Solaris 10 X86 system.
8 More Discussions You Might Find Interesting
1. Linux
I created a user
useradd -d /disk2/ftpfiles me
How would i beable to jail me so he could not move arround my file system? (4 Replies)
Discussion started by: byblyk
4 Replies
2. Solaris
Hi Gurus,
I am creating a user for ftp only on Solaris 10. However while testing I can see user can reach to root directory.
I followed following while creating the user
1 Created a shell in /usr/bin/ftponly as chmod a+x to ftponly
2 Placed the entry in /etc/shells
... (2 Replies)
Discussion started by: kumarmani
2 Replies
3. UNIX for Dummies Questions & Answers
Hi, I was wondering how to change the prompt for my ssh login. At the moment it is like
user>
while I'd like it to be as
user@host>
It is in the .bash_profile or .ssh ??? Thanks (2 Replies)
Discussion started by: pmasterkim
2 Replies
4. UNIX for Advanced & Expert Users
Hi all,
I have a Solaris 10 server with SUN_SSH_1.1 installed.
I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work.
... (2 Replies)
Discussion started by: Donkey25
2 Replies
5. Debian
Firstly Hi everyone :)
I setup SFTP and SSH jail using this tutorial:
http://www.howtoforge.com/chrooted-ssh-sftp-tutorial-debian-lenny
SFTP jail works however now when I try to SSH it accepts my password and then just goes to a blank screen. Type any command and the shell session is... (11 Replies)
Discussion started by: pokey144
11 Replies
6. AIX
Hi,
We have a requirement to do passwordless entry from one user to a different user on the same AIX server using ssh keys.
Can some one help me with this?
Thanks in advance,
Panditt (3 Replies)
Discussion started by: deshaipet
3 Replies
7. Cybersecurity
Hi all,
I want to jail a process in his folder, so he can't have any link with a parent folder.
Ex. If i'm a hacker, and I can upload my script & and I can start it, i'll could go to ../, /etc/passwd, etc..
So what I did is to chroot the process :
I copied all libraries used by the... (1 Reply)
Discussion started by: Deb.I.am
1 Replies
8. Cybersecurity
Hello people,
I'm creating a web game control panel, where people can manage their gameserver on a php made control panel.
But i have no idea how to create an jailed inviroment for the gameserver,
I've looked at possebilites for chroot, but i don't want the gameserver has any binaries of linux... (1 Reply)
Discussion started by: gm33
1 Replies
LEARN ABOUT CENTOS
ssh-ldap-helper
SSH-LDAP-HELPER(8) BSD System Manager's Manual SSH-LDAP-HELPER(8)
NAME
ssh-ldap-helper -- sshd helper program for ldap support
SYNOPSIS
ssh-ldap-helper [-devw] [-f file] [-s user]
DESCRIPTION
ssh-ldap-helper is used by sshd(1) to access keys provided by an LDAP. ssh-ldap-helper is disabled by default and can only be enabled in the
sshd configuration file /etc/ssh/sshd_config by setting AuthorizedKeysCommand to ``/usr/libexec/openssh/ssh-ldap-wrapper''.
ssh-ldap-helper is not intended to be invoked by the user, but from sshd(8) via ssh-ldap-wrapper.
The options are as follows:
-d Set the debug mode; ssh-ldap-helper prints all logs to stderr instead of syslog.
-e Implies -w; ssh-ldap-helper halts if it encounters an unknown item in the ldap.conf file.
-f ssh-ldap-helper uses this file as the ldap configuration file instead of /etc/ssh/ldap.conf (default).
-s ssh-ldap-helper prints out the user's keys to stdout and exits.
-v Implies -d; increases verbosity.
-w ssh-ldap-helper writes warnings about unknown items in the ldap.conf configuration file.
SEE ALSO
sshd(8), sshd_config(5), ssh-ldap.conf(5),
HISTORY
ssh-ldap-helper first appeared in OpenSSH 5.5 + PKA-LDAP .
AUTHORS
Jan F. Chadima <jchadima@redhat.com>
BSD
April 29, 2010 BSD