From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HDQTF-0007cP-78 for garchives@archives.gentoo.org; Sat, 03 Feb 2007 19:22:45 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.8) with SMTP id l13JL123030201; Sat, 3 Feb 2007 19:21:01 GMT Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.172]) by robin.gentoo.org (8.13.8/8.13.8) with ESMTP id l13JFKkn021931 for ; Sat, 3 Feb 2007 19:15:20 GMT Received: by ug-out-1314.google.com with SMTP id z38so1008145ugc for ; Sat, 03 Feb 2007 11:15:20 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=IZMqV0aQa5S0jH0Vui0E7GDzoMHoOZ86f5iyiHVMUeKpLI9QZJO7FDgb1IMf2fm/bI5dn9uLzpPR91I8dWYRWu8YM+cz1wROMCdxUfEqYAp8kPiA7lpODdSJjBPnxyeANkBxGb0oxOJS3CxH5zI4y66sxBScbFTt1akbiiVrgjw= Received: by 10.78.17.4 with SMTP id 4mr937358huq.1170530120052; Sat, 03 Feb 2007 11:15:20 -0800 (PST) Received: by 10.78.162.9 with HTTP; Sat, 3 Feb 2007 11:15:20 -0800 (PST) Message-ID: <5bdc1c8b0702031115u688f46e3v394ff77bfc0b0353@mail.gmail.com> Date: Sat, 3 Feb 2007 11:15:20 -0800 From: "Mark Knecht" To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] scp login but confine the user to his home directory? In-Reply-To: <976cb44f0702021941j6de6da69u8888349287eda82@mail.gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <5bdc1c8b0702021913k6fd4f260m7932da2a6293bca4@mail.gmail.com> <976cb44f0702021941j6de6da69u8888349287eda82@mail.gmail.com> X-Archives-Salt: 72ba7d28-5687-4607-8e39-13914a40dba0 X-Archives-Hash: 143609ca02692f10ed4fea1248ad2fa1 On 2/2/07, Greg Bur wrote: > On 2/2/07, Mark Knecht wrote: > > Hi, > > I'm wondering if it is possible and/or advisable to set up an > > account where a user can scp files in and out of his home directory > > using scp but if he logs into the machine using ssh he cannot go > > anywhere outside of his home directory? > > > > How would I set something like this up? > > Mark, > > Rebuild openssh with the chroot USE flag enabled and then have a look > at the following HOWTO: > > http://www.howtoforge.com/chrooted_ssh_howto_debian > > It's a bit of work to set up but it works well. We have a similar > setup at work for our shared hosting customers. > > Regards, > > Greg Thanks Greg. That looks pretty manageable and easier than some of the full blown chroots I've built before under Gentoo. Certainly good enough to try things out and see how it works. Thanks a lot, Mark -- gentoo-user@gentoo.org mailing list