How would i go about restricting users to there home dir in sftp and in ssh so that they can not go poking about other dir and files thats above there home dir ?Operating systemCentOS Linux 5.4 Kernel and CPULinux 2.6.18-194.8.1.el5.028stab070.5PAE on i686
Also it will have to be a low resource usage as i dont have much memory on it
I have a debian-based ftp server running that I have created a few user accounts on. I will have clients uploading files to the server via ftp soon, and I need a way to restrict their access to only their home folders. I am not familiar with chroot, but from what I read, it can be used to restrict a user to their home folder, and that sounds perfect. How can I do this?
View 4 Replies View RelatedIs it possible to restrict users to their home directories and allow admins to have different home directories? Essentially I want users to have a folder in /var/www/html/$USER and admins to have either unrestricted access or have their root directory be ./ or /www or /etc. I have is set now so users have access to thier home direcotry but I need to upload web files as admin.
So far I have created:
chroot_list
user_list
[code]....
I have configured rssh 2.3 with openssh 5.8 on RHEL 5.6 64 bit to restrict the users to scp and sftp. When i try to sftp or scp it gives error connection closed. After long googling tried different solutions like add missing libraries, setuid to rssh_helper. I had full copy of /lib to /chroot/lib and /chroot/lib64 but no success. conf and log files are below for reference.
[Code]...
I'm running into problems adding the required schema for automount and ldap on Centos 5.6 (also tried Centos 5.3)In the last few days I was able to setup LDAP server and get client authentication working. I want to be able to automatically mount users home folders on logon and store the configuration in ldap.I've done the following so far
1) added include in /etc/openldap/slapd.conf to /etc/openldap/schema/redhat/autofs.schema
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/autofs.schema
I've installed Ubuntu Desktop Ed 9 and I want to add a user account that would be very restricted. I would only want them to access the internet and run several programs. I do not want them to have access to the destkop, anything under preferences, administration etc... Is this possible?
View 1 Replies View RelatedI was just wondering how do i restrict someone from entering other files. Like other peoples files & the system files. My users are in /home/. I am running ubuntu 10.10.So how do i restrict access to other folders. Because i dont want other people looking inside others files or messing up my linux files.
View 3 Replies View RelatedI want restrict telnet session to users.
That means the client login one user at a time. not multiple login.
For example:
I want restrict this. How to restrict one user to use multiple login.
I'd like to restricting my ftp users to access 1 particular folder.
we have a root folder called /home everyone has aces to that so they can operate.
but then there is /home/config how can i restrict certain users from access /config folder, since this is containing sensitive files I would like for no one else but my self to be able to access it.
How to prevent a user sending a mail to a particular user in an intranet mail server?I tried with /etc/mail/access file but could not.
View 4 Replies View RelatedIs it possible in Linux to restrict POP3 or IMAP for particular users.I need a confirmation on this, that it is possible or not in Linux.
View 3 Replies View RelatedIs it possible to restrict users with 'sudo' from accessing certain directories? Rather than just exclude cd and ls from the sudo privileges, that is.
View 5 Replies View RelatedI have an Ubuntu 11.04 instance running on Amazon EC2. I am currently using it as an SSH tunnel/SOCKS proxy. Most of my Net activity is on a Windows 7 machine running PuTTY. This setup is working very well. So well that a few of my friends have expressed interest in accessing it. Question is, how do I share this proxy, without giving away my private key and root access? I would like to limit users to only being able to set up an SSH tunnel/SOCKS proxy, with no shell access. What other security measures would you recommend for such a setup? I googled a bit and saw references to rbash and chroot. I have already changed the SSH port, and set the EC2 firewall to allow inbound SSH only from my ISP's address range. My friends use the same ISP. They would probably be running Windows 7/Vista, and PuTTY too.
View 4 Replies View RelatedI am not sure whether it's possible or not. We running squid proxy server for our office. We restrict users using ACL to access the internet. There is some who do the followings:
1. Create a own proxy in there box who has the internet access.
2. Other users use those box as proxy and access to the internet.
How to restrict users to send mail to outside domains in qmail server, i have centos and qmail installed
View 14 Replies View RelatedI want to know is it possible in Sendmail to restrict some users from sending / receiving mail to / from outside world i.e. they should be able to send and receive mails only from local domain.
View 4 Replies View RelatedI have Ubuntu Server 9.10 running with vsftpd and I want to restrict users from uploading certain file types (.exe, .avi) ect.. Is this possible?
View 1 Replies View RelatedI want the users to access servers via ssh public key only. By default they don't know their initial password and do need to change that when performing administrative tasks.For changing their passwords without knowing the old they need to switch to root for this special case.The only case it seems I don't have control is that users can not only change their password but also the password of other peoples. Does someone sees a solution (without apparmor/selinux and special /usr/bin/passwd.sh) to restrict users to only change their password?I miss the feature of using environment variables in sudoers file.
View 9 Replies View RelatedWe are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
View 3 Replies View RelatedI have one Linux PC installed with Suse 11.1. In this I have created three users to get access.
Users able access their login from Windows PC via some utilities.
1. Putty
2. Xming
Users able login using both. With Putty there is no GUI. But with Xmings XLaunch they are able to get similar session as Linux Host PC. At this point of time the host linux PC will become too slow in perfarmance.
How to retrict the users not to open similar session by enablin/disabling some setting in Linux PC?
Is there anything special about a home directory before users' home directories are stored there, or is just as typical as any other "empty" folder?Let me just cut to the chase, but please no ear ringing about the folly of messing around as root, particularly with directories at root level. I know it's considered stupidity, but I deleted my home directory.
Is there an easy way to restore a working home directory? I tried copying /etc/skel under root, but I'm not sure what a home directory should look like once it has been restored. Besides . & .., there were .screenrc & .xsession in my home directory when I copied /etc/skel. Are these files suppose to be in "/home" or "/home/~" or both?
2 of us have been googling all morning trying to find out how we can restrict ftp logins to their own home directories only but nothing we've found so far has worked. We've tweaked sshd_config so that they default to their home directory but they are able to navigate up/across/down to everything. This is a "straight-out-of-the-box" debian 5.0.5 Netinst. Just a basic system with Apache/MySql/PHP/SSH and no desktop.
View 6 Replies View RelatedIn RedHat 4/5 How can i jail/restrict an sftp user to his home directory?
Can i do this without using rssh ?
I've setup a FTP server in OpenSUSE 11.1 with KDE 3.5.x. (Pure-ftpd) But when I connect with an user to the FTP server I can browse to all folders on the OPENSUSE system, how can I setup one folder for all users and restrict the FTP connection to that folder only??
View 1 Replies View RelatedI have a server in a colocation environment where I'm allotted 25Mbps. I'd like to avoid exceeding that for obvious reasons. Is there a way I can set the link speed or at least throttle the bandwidth for all services?
View 2 Replies View RelatedRight i did a clean install of Fc15 and used a custom layout with separate /home partition. when it all installed It had created /home in the /root partition. so I then moved the /home directory to the partition I intended, added the relevant fstab entries and re granted permissions etc to the relevant files. All done with a live cd.
the problem is when i rebooted all settings worked as the partitions mounted with all the /home directories and all my user settings are in tact but when i click home in KDE's kick off it tried to open root? So all im wondering is how could i change the default /home back to my user account? as all i seem to find online is how to specify a /home with useradd
I don't quite understand /etc/skel. I know that everything in /etc/skel will effect all NEW users, and that's about it.
Basically, what I'm trying to do is add the directories "home" and "work" to the users /home directory.
How do I do this?
I want to backup all the data in my /home folder/partition (before upgrading).
1. In How to migrate to a new openSUSE version - openSUSE it is only written how to backup *one* users data.
If you know the path to your external harddisk, just open a konsole and do:
Code:
$ su
1. cd /home
2. cp -b -vvv username_to_be_backed_up /media/<folder_of_your_external_harddisk>
How can I backup *all* users' data in one folder "home-double"?
2. Has the external disk have to have any special file system?
I have an 500 GB disk in fat with some data already on it. Can this be used? Or do I have to make an new (ext3?) partition on my external hard disk to preserve permissions? Do I have to worry about big files under FAT?
3. Should I make anything to get sure that all data is the same in "home-double" as in "/home"?
Now I am using (on my Samsung X20) openSuse 11.1 and Gnome 2.24.1 (mostly, 1 account is using KDE) and Kernel Linux 2.6.27.45-01.1-pae. "/home" is on an separated partition (as part of an extended partition). I have also 2 NTFS partitions for Windows XP (System and Data), and a FAT, a root (/) and a swarp partition.
After working with a more or less stable system I decided to install 11.3 on my system. Atm I am working with a updated 10.3 (prop state is 11.2 now after kernel update) Installed is Gnome, KDE3 and KDE4 - using KDE3
Now the question can I reinstall Opensuse 11.3 to my root partition and keep /home successfully? It is on a separate partition (Doing backup atm also). I understand that I will have to set it as mountpoint during installation. When asked to create user I stopped as I am scared if I add a user with the same name as on my old install it will overwrite the current folder in mounted /home... I seriously like my old username and want to keep it - can i safely add the user during install? will my stuff be still there?
is it possible for two users to share a home folder? the idea is to allow for my home directory which is also my web server document root to be shared with another user on the FTP i currently have vsftpd which is set to allow local users to access their home directories but i dont want to give my password away, but i dont mind them having access to the files and folders
View 1 Replies View Related