From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HDBrR-0000SD-Ao for garchives@archives.gentoo.org; Sat, 03 Feb 2007 03:46:45 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.8) with SMTP id l133jVD6023827; Sat, 3 Feb 2007 03:45:31 GMT Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.191]) by robin.gentoo.org (8.13.8/8.13.8) with ESMTP id l133fO9i017750 for ; Sat, 3 Feb 2007 03:41:24 GMT Received: by nf-out-0910.google.com with SMTP id c31so2678452nfb for ; Fri, 02 Feb 2007 19:41:24 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Cf19bZQi3Se8IpY1upe1XXU7lPQoJqqVvYB7fwq1rpSJeFtfa+4if1r9BpMJ9cXuxL9BNoaxBbcCRvt738AgMIeR28AFVe+lgyxVfxe8VJmV+861VW9CyEP3PSEfK8ZBOCtugmbknnntUXijCOy9XkKnN1mbVgcOEelBkbFMhIM= Received: by 10.82.188.15 with SMTP id l15mr1480023buf.1170474083817; Fri, 02 Feb 2007 19:41:23 -0800 (PST) Received: by 10.82.186.18 with HTTP; Fri, 2 Feb 2007 19:41:23 -0800 (PST) Message-ID: <976cb44f0702021941j6de6da69u8888349287eda82@mail.gmail.com> Date: Fri, 2 Feb 2007 22:41:23 -0500 From: "Greg Bur" To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] scp login but confine the user to his home directory? In-Reply-To: <5bdc1c8b0702021913k6fd4f260m7932da2a6293bca4@mail.gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <5bdc1c8b0702021913k6fd4f260m7932da2a6293bca4@mail.gmail.com> X-Archives-Salt: fdd9af5d-9cb0-4ea8-b1a8-ca371ab38e07 X-Archives-Hash: c58e2cccdc7bfe149ad7618121610246 On 2/2/07, Mark Knecht wrote: > Hi, > I'm wondering if it is possible and/or advisable to set up an > account where a user can scp files in and out of his home directory > using scp but if he logs into the machine using ssh he cannot go > anywhere outside of his home directory? > > How would I set something like this up? Mark, Rebuild openssh with the chroot USE flag enabled and then have a look at the following HOWTO: http://www.howtoforge.com/chrooted_ssh_howto_debian It's a bit of work to set up but it works well. We have a similar setup at work for our shared hosting customers. Regards, Greg -- gentoo-user@gentoo.org mailing list