From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-113946-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1On9ia-0005Dx-6J
	for garchives@archives.gentoo.org; Sun, 22 Aug 2010 12:32:13 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 384E3E071C;
	Sun, 22 Aug 2010 12:31:24 +0000 (UTC)
Received: from smtplq03.aruba.it (unknown [62.149.158.23])
	by pigeon.gentoo.org (Postfix) with SMTP id B13BEE071C
	for <gentoo-user@lists.gentoo.org>; Sun, 22 Aug 2010 12:31:23 +0000 (UTC)
Received: (qmail 3298 invoked by uid 89); 22 Aug 2010 12:31:19 -0000
Received: from unknown (HELO smtp4.aruba.it) (62.149.128.201)
  by smtplq03.aruba.it with SMTP; 22 Aug 2010 12:31:19 -0000
Received: (qmail 7084 invoked by uid 89); 22 Aug 2010 12:31:20 -0000
Received: from unknown (HELO athena.localnet) (Giampiero@Gabbiani.org@79.45.41.26)
  by smtp4.ad.aruba.it with SMTP; 22 Aug 2010 12:31:20 -0000
From: Giampiero Gabbiani <Giampiero@gabbiani.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] creating ssh account without directory browsing
Date: Sun, 22 Aug 2010 14:31:20 +0200
User-Agent: KMail/1.13.3 (Linux/2.6.33.5-desktop-2mnb; KDE/4.4.3; x86_64; ; )
References: <4C70E194.2090904@googlemail.com>
In-Reply-To: <4C70E194.2090904@googlemail.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201008221431.20453.Giampiero@gabbiani.org>
X-Spam-Rating: smtp4.ad.aruba.it 1.6.2 0/1000/N
X-Spam-Rating: smtplq03.aruba.it 1.6.2 0/1000/N
X-Archives-Salt: f8cf27fb-ebb2-4381-85a2-c4c6a62b23e0
X-Archives-Hash: f42f4f80ffa451bb59a5bdb093f8a017

In data domenica 22 agosto 2010 10:36:36, Tamer Higazi ha scritto:
: >  Hi people!
> For a project I need to create ssh accounts (based on shared keys) who
> would be loged in a specific directory. They should only be able to
> login in the desired directory, but not be able for outside browsing.
> 
> 
> for example:
> 
> /work/
> 
> but not / or any other scope.
> 
> How would you guys accomplish that?!
Hi Tamer,
simply set the default shell of the desired account to: /bin/bash -r.
In this mode the bash will start in restricted mode. You can get further 
information about that in the man page of bash (section: RESTRICTED SHELL).

Bye
Giampiero