On Mon, Jun 28, 2004 at 08:21:31PM +0200, Robert Cates wrote:
>Hi,
>
>I don't exactly like the idea of having to setup a "mini-system" in
>everybodies home dir, so maybe the Jailkit will be the answer.(?) Somehow
>I'm a little surprised that the OpenSSH project hasn't provided this feature
>in SSH
On Mon, Jun 28, 2004 at 08:21:31PM +0200, Robert Cates wrote:
>Hi,
>
>I don't exactly like the idea of having to setup a "mini-system" in
>everybodies home dir, so maybe the Jailkit will be the answer.(?) Somehow
>I'm a little surprised that the OpenSSH project hasn't provided this feature
>in SSH
t but most of them wouldn't be using sftp anyways.
Cheers,
Ehren Wilson
> -Original Message-
> From: Robert Cates [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 28, 2004 12:22 PM
> To: debian-isp@lists.debian.org
> Cc: Andreas John
> Subject: Re: restricting sftp/ssh
how about using rbash? Only does the shell part, and it is not very hard
to break out of the jail, but then again, allowing shell when you think
users are going to purposely try to break it isn't a good idea...
t but most of them wouldn't be using sftp anyways.
Cheers,
Ehren Wilson
> -Original Message-
> From: Robert Cates [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 28, 2004 12:22 PM
> To: [EMAIL PROTECTED]
> Cc: Andreas John
> Subject: Re: restricting sftp/ssh login
; > From: Robert Cates [mailto:[EMAIL PROTECTED]
> > Sent: Monday, June 28, 2004 11:54 AM
> > To: debian-isp@lists.debian.org
> > Cc: Andreas John; MB; [EMAIL PROTECTED]
> > Subject: Re: restricting sftp/ssh login access
> >
> >
> > Hi, and thanks for the quick replies
aybe somebody knows the reason why?
I think my next e-mail will be to the OpenSSH project ;-)
Thanks,
Robert
- Original Message -
From: "Andreas John" <[EMAIL PROTECTED]>
To:
Cc: "Robert Cates" <[EMAIL PROTECTED]>
Sent: Monday, June 28, 2004 2:28 PM
Subject: R
how about using rbash? Only does the shell part, and it is not very hard
to break out of the jail, but then again, allowing shell when you think
users are going to purposely try to break it isn't a good idea...
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Troubl
CTED]
> Subject: Re: restricting sftp/ssh login access
>
>
> Hi, and thanks for the quick replies!
> Just to be a bit clearer in what I'm asking: I would like to be able to
> allow my customers to access their accounts (update their web sites) with
> sftp which as I unders
tssh.sourceforge.net/docs/chrootedsftp.html but I'm
open to other maybe better ways.
Thanks again,
Robert
- Original Message -
From: "MB" <[EMAIL PROTECTED]>
To: "Andreas John" <[EMAIL PROTECTED]>
Cc:
Sent: Monday, June 28, 2004 6:47 PM
Subject: Re: restr
John,
Looks like there is a debian package created for jailkit now:
http://olivier.sessink.nl/jailkit/jailkit_0.9-1_i386.deb
md5 sums for these packages:
de67f1dbf6cec002290fe4faadf53821 jailkit_0.9-1_i386.deb
Mark
--- MB <[EMAIL PROTECTED]> wrote:
> John,
>
> First off, I make a small mista
John,
First off, I make a small mistake, the package I used was "jailkit",
from either:
http://www.gnu.org/directory/All_Packages_in_Directory/jailkit.html
or
http://freshmeat.net/projects/jailkit/
It has tons of documentation to help you create a jailed environment,
including loading your jail
obert Cates [mailto:[EMAIL PROTECTED]
> > Sent: Monday, June 28, 2004 11:54 AM
> > To: [EMAIL PROTECTED]
> > Cc: Andreas John; MB; [EMAIL PROTECTED]
> > Subject: Re: restricting sftp/ssh login access
> >
> >
> > Hi, and thanks for the quick replies!
>
aybe somebody knows the reason why?
I think my next e-mail will be to the OpenSSH project ;-)
Thanks,
Robert
- Original Message -
From: "Andreas John" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Robert Cates" <[EMAIL PROTECTED]>
Sent: Monday, June 28
]
> Subject: Re: restricting sftp/ssh login access
>
>
> Hi, and thanks for the quick replies!
> Just to be a bit clearer in what I'm asking: I would like to be able to
> allow my customers to access their accounts (update their web sites) with
> sftp which as I understand it is
tssh.sourceforge.net/docs/chrootedsftp.html but I'm
open to other maybe better ways.
Thanks again,
Robert
- Original Message -
From: "MB" <[EMAIL PROTECTED]>
To: "Andreas John" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, June 28,
John,
Looks like there is a debian package created for jailkit now:
http://olivier.sessink.nl/jailkit/jailkit_0.9-1_i386.deb
md5 sums for these packages:
de67f1dbf6cec002290fe4faadf53821 jailkit_0.9-1_i386.deb
Mark
--- MB <[EMAIL PROTECTED]> wrote:
> John,
>
> First off, I make a small mista
John,
First off, I make a small mistake, the package I used was "jailkit",
from either:
http://www.gnu.org/directory/All_Packages_in_Directory/jailkit.html
or
http://freshmeat.net/projects/jailkit/
It has tons of documentation to help you create a jailed environment,
including loading your jail
Hi,
It sounds to me like you are looking for a chroot jail for some users.
apt-get install jailer
( jailer - Builds and maintains chrooted environments )
You will need to run a special daemon (jk_socketd) to log users into the
jail, but that is about the hardest part. I'll post my startup scrip
Hi!
1.) Set users shell to /bin/false and add it to /etc/shells.
This will prevent ssh access for users, but allows ftp etc.
But what you are asking for is that (I think)
2.) http://chrootssh.sourceforge.net/index.php
Chroot your ssh for non-admin users by
- patching ssh
- replacing Users homedir
Hi,
It sounds to me like you are looking for a chroot jail for some users.
apt-get install jailer
( jailer - Builds and maintains chrooted environments )
You will need to run a special daemon (jk_socketd) to log users into the
jail, but that is about the hardest part. I'll post my startup scrip
On Monday 28 June 2004 12.17, Robert Cates wrote:
> I would like to know if there is a way to restrict user logins to
> their home directories (or any other designated directory for that
> matter) using sftp/ssh. I've got my ftp server configured so that
rssh is what you are looking for. Be sure
Hi!
1.) Set users shell to /bin/false and add it to /etc/shells.
This will prevent ssh access for users, but allows ftp etc.
But what you are asking for is that (I think)
2.) http://chrootssh.sourceforge.net/index.php
Chroot your ssh for non-admin users by
- patching ssh
- replacing Users homedir
On Monday 28 June 2004 12.17, Robert Cates wrote:
> I would like to know if there is a way to restrict user logins to
> their home directories (or any other designated directory for that
> matter) using sftp/ssh. I've got my ftp server configured so that
rssh is what you are looking for. Be sure
Hi,
I would like to know if there is a way to restrict user logins to their home
directories (or any other designated directory for that matter) using
sftp/ssh. I've got my ftp server configured so that normal ftp access is
restricted to their home directories, but since sftp uses (Open)SSH, it u
Hi,
I would like to know if there is a way to restrict user logins to their home
directories (or any other designated directory for that matter) using
sftp/ssh. I've got my ftp server configured so that normal ftp access is
restricted to their home directories, but since sftp uses (Open)SSH, it u
26 matches
Mail list logo
