ssh help, I want user to be able to access only specified folders
Jonathan Steadman
FedoraCore at stny.rr.com
Fri Jul 2 13:01:22 UTC 2004
T. Nifty Hat Mitchell wrote:
>On Thu, Jul 01, 2004 at 12:49:57PM -0500, Jonathan S wrote:
>
>
>>I am new to Fedora, and Linux in general, I want users to be able to log in
>>to my computer via ssh, with FC-1 but I want to be able to specify rules
>>for each so they can only access specified folders is this possable? If so
>>how would i go about doing this?
>>
>>
>
>This is almost easy if you understand unix/Linux style permissions,
>ownership and groups. See the man pages for chmod, chown, chgrp,
>umask.
>
>You need to outline what you intend when you use the word access.
>There are read, write, and execute bits for access; three for each:
>user, group, others. Depending on the object these might have
>slightly different meaning.
>
>It is important to note that by default most tools are available to
>all users and the interesting restrictions apply to individual home
>dirs and new dirs that you might make. Almost no one uses chroot home
>or restricted shell logins. They are just too hard get right and
>maintain.
>
>If you could be more clear about the policy you have in mind perhaps
>we could be more helpful. The options are just too vast. Stick with
>simple stuff. There are some 267933+ files in 1344+ packages that
>have default locations and permissions and the system works. It is
>easy to break a system if you get too bold without understanding the
>basics. Build a plan and stay focused....
>
>
>
>> Also is there a difference between fedora-list and fedora-devel list,
>>
>>
>
>There is a big difference.
>This type of question belongs here.
>
>
>
>
I guess what I want is for a user on a remote computer to not be able to
even see any files then those maybe in his home folder, or somewhere
else i specify, I haven't really got to reading about chroot yet, but it
looked like the solution i needed just by reading a couple of intros. to
it. If there is a simpler solution though, please enlighten me I would
be much appreciative.
More information about the fedora-list
mailing list