On Tue, Apr 21, 2009 at 9:25 AM, J. Bakshi <bakshi12 (at) gmail (dot) com [email concealed]> wrote:
> Dear list,
>
> I am running a remote suse server and need to give ssh access to the
> users who can work on their particular web folder only. The version of
> ssh server is openssh-5.0p1-21.1
>
> I have already did huge google search but could not find any sshd
> features which can allow ssh users to restrict them in their home directory.
> I have found some documentations where chroot or jailkit is used to
> achieve this and these need some more configuration and obviously
> "chown root:root <home-folder>" . But I need an option which simply
> restrict ssh users so that they can't browse beyond their home directory.
> It is also not possible to do "chown root:root <home-folder>" as the
> folders which are used as home directory are actually web folder under
> apache htdocs having apache permission.  I don't need sftp but ssh
> access. Is it really impossible to have this feature through ssh technology ?
>
> Thanks
>

Short answer, "no."

Long answer...

ssh forks the user's login shell, when not using sftp. Because ssh is just a
transport, not a shell, you would need to look into some sort of restricted
shell as the user's login shell, or go all out with a chroot environment that
encapsulates a normal shell.

--
And, did Galoka think the Ulus were too ugly to save?
-Centauri

[ reply ]