06-28-2014
I would just like to link up to the chroot, it is available directly in openssh.
Simple directive in sshd_config will enable sftp chroot, and users or groups will be limited by it.
If you follow best practice it will be impossible to exit the jail.
As for scripts or profiles which limit user, there is alot of code to be written besides one trap and it hard to limit a savvy person (it is doable perhaps but the effort will be great.)
Perhaps, if you elaborate which is the exact requirement for that user to do on server, folks might help further.
9 More Discussions You Might Find Interesting
1. Programming
Im creating a sort of shell, for my cybercafe
This will restrict my clients from accessing unwanted materials
so im programming a similar bash to
1. to meet my goals
2. to learn new things.
im creating it in C,
please have a look at the attachement.
i wish to avoid having a blank space... (6 Replies)
Discussion started by: C|[anti-trust]
6 Replies
2. Shell Programming and Scripting
Dear Freinds,
Help needed in input redirection .
My problem is as follows..
I have a shell script as follows which calls another gnuplot script .
datagen.sh
#!/bin/ksh
gnuplot plot_I.plt
In the above file I am calling another file called plot_I.plt which reside in the same... (4 Replies)
Discussion started by: user_prady
4 Replies
3. UNIX for Dummies Questions & Answers
I have concurrent manager stop and check to verify all the process are stopped BUT even after all the process are stopped query script continues to run without break out.
# stop the concurrent manager
$COMMON_TOP/admin/scripts/$CONTEXT_NAME/adstpall.sh $DB_USER/$DB_PSWD
# check if the... (1 Reply)
Discussion started by: Paul.S
1 Replies
4. UNIX for Dummies Questions & Answers
Hi Experts,
Im running a bit complicated sql script and for reasons of scheduling,I wrapped it around in a simple shell script. So, when I run it, it do creates an output file and writes to it everytime I run it & this is what exactly I wanted.
However, it is not exiting the while loop no... (4 Replies)
Discussion started by: PG3
4 Replies
5. Shell Programming and Scripting
Hi,
i have one shell script which transfers files from one server to other server through FTP, but i can see login id and password is not mentioned.
kindly help to understand the script.then how below script is working if login and password is not mentioned in script
#!/bin/sh... (1 Reply)
Discussion started by: ni3b007
1 Replies
6. UNIX for Dummies Questions & Answers
Hi
I have two scripts script1.sh and script2.sh(say this script is a long running).
I want to call script2.sh inside and script1.sh,but when i call script2.sh i dont want to wait for script2 to complete and want this to run in back ground and go on next commands in script 1.sh and finally at the... (2 Replies)
Discussion started by: lijjumathew
2 Replies
7. UNIX for Dummies Questions & Answers
Hello,
i have cronjob:
crontab -l
* * * * * pkill -f domexpcheck;sh /root/dom/domexpcheck.sh
it runs:
/var/log/cron
Mar 25 12:11:01 vps crond: (root) CMD (pkill -f domexpcheck;sh /root/dom/domexpcheck.sh)
but somehow script dont run properly via cronjob. But when i execute cronjob... (7 Replies)
Discussion started by: postcd
7 Replies
8. Shell Programming and Scripting
Hello All,
My name is vasu and I am very new to Unix scripting, i know basic commands, but now i need to write the following script, i have tried but no luck
My requirment is i am getting one our from another command as following
Used:1.8TB Advisory Quota:1.8TB aaa1
Used:4.5TB Advisory... (1 Reply)
Discussion started by: VasuKukkapalli
1 Replies
9. Programming
hi all,
i have made a shell script and it runs until it reaches the if statement, doesn't the ! mean only if the command fails it will echo me that message and then exit
can anyone please help me what is wrong with my code?
many thanks,
rob
#!/bin/bash
echo "is this archive... (10 Replies)
Discussion started by: robertkwild
10 Replies
LEARN ABOUT CENTOS
sftp-server
SFTP-SERVER(8) BSD System Manager's Manual SFTP-SERVER(8)
NAME
sftp-server -- SFTP server subsystem
SYNOPSIS
sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] [-u umask]
DESCRIPTION
sftp-server is a program that speaks the server side of SFTP protocol to stdout and expects client requests from stdin. sftp-server is not
intended to be called directly, but from sshd(8) using the Subsystem option.
Command-line flags to sftp-server should be specified in the Subsystem declaration. See sshd_config(5) for more information.
Valid options are:
-d start_directory
specifies an alternate starting directory for users. The pathname may contain the following tokens that are expanded at runtime: %%
is replaced by a literal '%', %h is replaced by the home directory of the user being authenticated, and %u is replaced by the user-
name of that user. The default is to use the user's home directory. This option is useful in conjunction with the sshd_config(5)
ChrootDirectory option.
-e Causes sftp-server to print logging information to stderr instead of syslog for debugging.
-f log_facility
Specifies the facility code that is used when logging messages from sftp-server. The possible values are: DAEMON, USER, AUTH,
LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.
-h Displays sftp-server usage information.
-l log_level
Specifies which messages will be logged by sftp-server. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1,
DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that sftp-server performs on behalf of the client. DEBUG and DEBUG1 are
equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR.
-R Places this instance of sftp-server into a read-only mode. Attempts to open files for writing, as well as other operations that
change the state of the filesystem, will be denied.
-u umask
Sets an explicit umask(2) to be applied to newly-created files and directories, instead of the user's default mask.
For logging to work, sftp-server must be able to access /dev/log. Use of sftp-server in a chroot configuration therefore requires that
syslogd(8) establish a logging socket inside the chroot directory.
SEE ALSO
sftp(1), ssh(1), sshd_config(5), sshd(8)
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-02.txt, October 2001, work in progress material.
HISTORY
sftp-server first appeared in OpenBSD 2.8.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
July 16, 2013 BSD