Menu
Is there something similar to chroot, but for users?
We are about to grant access to our servers for a client and would like them to see only the directories we allow.
235
Limit SSH User LoginsOpen the /etc/ssh/sshd_config file. Add an AllowUsers line at the bottom of the file with a space separated by a list of usernames. For example, user tecmint and sheena both have access to remote ssh.
To create a user, we will use the "useradd" command. Here we will specify that the user must be a member of the group "sftpgroup and that their default shell is set to "nologin. By specifying the "nologin" option, we can limit the users access to only a sftp connection.
Jailing an SSH user to their home directory allows you (the administrator) to exercise a lot of control and security over the user accounts on a Linux system. The jailed user still has access to their home directory, but can't traverse the rest of the system.
A Google search on "openssh jail" led me to SSHjail for openSSH. If your client uses ssh/scp to access the said servers, this might be what you are looking for.
195
The "best answer" from 2009 is outdated.
OpenSSH now comes with the ChrootDirectory option.
See http://www.debian-administration.org/articles/590 which is for an already-old version of ssh.
44
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
