I have a debian-based ftp server running that I have created a few user accounts on. I will have clients uploading files to the server via ftp soon, and I need a way to restrict their access to only their home folders. I am not familiar with chroot, but from what I read, it can be used to restrict a user to their home folder, and that sounds perfect. How can I do this?
View 4 Replies
How can i chroot group of users to thier home directories and they have ssh access on RHEL 5.5 .. i tried many tuts but it was about chroot services.
View 2 Replies View RelatedHow would i go about restricting users to there home dir in sftp and in ssh so that they can not go poking about other dir and files thats above there home dir ?Operating systemCentOS Linux 5.4 Kernel and CPULinux 2.6.18-194.8.1.el5.028stab070.5PAE on i686
Also it will have to be a low resource usage as i dont have much memory on it
I have an SFTP server using OpenSSH on a server running Fedora 12. I want to chroot my sftponly users into their home directory but I want to let them have write access to their upload/ folder. Right now users can log in and view & download items, but for some reason I can't get write access to work. Here's some info:
username: testuser
group: sftponly
from /etc/passwd:
testuser:x:501:501::/home/testuser/:/bin/false
[code]...
I see this questioned asked a lot and figured this tutorialThis tutorial explains how to create an SFTP server which confines (or chroot) users to their own home directory and deny them shell access.
View 1 Replies View RelatedIs it possible to restrict users to their home directories and allow admins to have different home directories? Essentially I want users to have a folder in /var/www/html/$USER and admins to have either unrestricted access or have their root directory be ./ or /www or /etc. I have is set now so users have access to thier home direcotry but I need to upload web files as admin.
So far I have created:
chroot_list
user_list
[code]....
I'm running into problems adding the required schema for automount and ldap on Centos 5.6 (also tried Centos 5.3)In the last few days I was able to setup LDAP server and get client authentication working. I want to be able to automatically mount users home folders on logon and store the configuration in ldap.I've done the following so far
1) added include in /etc/openldap/slapd.conf to /etc/openldap/schema/redhat/autofs.schema
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/autofs.schema
2 of us have been googling all morning trying to find out how we can restrict ftp logins to their own home directories only but nothing we've found so far has worked. We've tweaked sshd_config so that they default to their home directory but they are able to navigate up/across/down to everything. This is a "straight-out-of-the-box" debian 5.0.5 Netinst. Just a basic system with Apache/MySql/PHP/SSH and no desktop.
View 6 Replies View Relatedas we know in windows xp drive and folder permissions, we perform (folder-right click-properties-security tab-we check, group or user and assign ALLOW or DENY access to the folders) In the same way i want to DENY access to my windows driver sda1 & sda2 from the Debian OS. my system is being used by 3 users: user1, user2 & user3. All can access to all Volumes, so I want to Deny the users 2 & 3 from accessing my windows driver and folders. BUT i alone user 1 should have permission to access them. How do i change that in Debian 5.5? Allow/Deny Permissions to Volumes.
View 3 Replies View RelatedI have a shared NTFS partition ("shared") that I use for data for both Windows and Ubuntu. How can I mount the music folder on shared to $Home/Music, and the Videos folder on shared to $Home/Videos? I want to mount the different folders on the partition to different folders in home.
View 2 Replies View Relatedrestrict a user from seeing hidden files and folders?
View 8 Replies View RelatedI've installed Ubuntu Desktop Ed 9 and I want to add a user account that would be very restricted. I would only want them to access the internet and run several programs. I do not want them to have access to the destkop, anything under preferences, administration etc... Is this possible?
View 1 Replies View RelatedI was just wondering how do i restrict someone from entering other files. Like other peoples files & the system files. My users are in /home/. I am running ubuntu 10.10.So how do i restrict access to other folders. Because i dont want other people looking inside others files or messing up my linux files.
View 3 Replies View RelatedI need to add another user besides the one set up during the installation procedure but I also need to limit all users to use only their own /home/user directory.
View 4 Replies View RelatedIs there a way where i can chroot their user home directory, lets say the user login on linux box /home/user, what i wanted to do is to chroot /home/user where user won't be able to browse the filesystem which is /. Tnx
View 1 Replies View RelatedI want restrict telnet session to users.
That means the client login one user at a time. not multiple login.
For example:
I want restrict this. How to restrict one user to use multiple login.
I'd like to restricting my ftp users to access 1 particular folder.
we have a root folder called /home everyone has aces to that so they can operate.
but then there is /home/config how can i restrict certain users from access /config folder, since this is containing sensitive files I would like for no one else but my self to be able to access it.
How to prevent a user sending a mail to a particular user in an intranet mail server?I tried with /etc/mail/access file but could not.
View 4 Replies View RelatedIs it possible in Linux to restrict POP3 or IMAP for particular users.I need a confirmation on this, that it is possible or not in Linux.
View 3 Replies View RelatedIs it possible to restrict users with 'sudo' from accessing certain directories? Rather than just exclude cd and ls from the sudo privileges, that is.
View 5 Replies View RelatedI have an Ubuntu 11.04 instance running on Amazon EC2. I am currently using it as an SSH tunnel/SOCKS proxy. Most of my Net activity is on a Windows 7 machine running PuTTY. This setup is working very well. So well that a few of my friends have expressed interest in accessing it. Question is, how do I share this proxy, without giving away my private key and root access? I would like to limit users to only being able to set up an SSH tunnel/SOCKS proxy, with no shell access. What other security measures would you recommend for such a setup? I googled a bit and saw references to rbash and chroot. I have already changed the SSH port, and set the EC2 firewall to allow inbound SSH only from my ISP's address range. My friends use the same ISP. They would probably be running Windows 7/Vista, and PuTTY too.
View 4 Replies View RelatedI am not sure whether it's possible or not. We running squid proxy server for our office. We restrict users using ACL to access the internet. There is some who do the followings:
1. Create a own proxy in there box who has the internet access.
2. Other users use those box as proxy and access to the internet.
How to restrict users to send mail to outside domains in qmail server, i have centos and qmail installed
View 14 Replies View RelatedI want to know is it possible in Sendmail to restrict some users from sending / receiving mail to / from outside world i.e. they should be able to send and receive mails only from local domain.
View 4 Replies View RelatedI have Ubuntu Server 9.10 running with vsftpd and I want to restrict users from uploading certain file types (.exe, .avi) ect.. Is this possible?
View 1 Replies View RelatedI want the users to access servers via ssh public key only. By default they don't know their initial password and do need to change that when performing administrative tasks.For changing their passwords without knowing the old they need to switch to root for this special case.The only case it seems I don't have control is that users can not only change their password but also the password of other peoples. Does someone sees a solution (without apparmor/selinux and special /usr/bin/passwd.sh) to restrict users to only change their password?I miss the feature of using environment variables in sudoers file.
View 9 Replies View RelatedWe are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
View 3 Replies View RelatedI have one Linux PC installed with Suse 11.1. In this I have created three users to get access.
Users able access their login from Windows PC via some utilities.
1. Putty
2. Xming
Users able login using both. With Putty there is no GUI. But with Xmings XLaunch they are able to get similar session as Linux Host PC. At this point of time the host linux PC will become too slow in perfarmance.
How to retrict the users not to open similar session by enablin/disabling some setting in Linux PC?
I have configured rssh 2.3 with openssh 5.8 on RHEL 5.6 64 bit to restrict the users to scp and sftp. When i try to sftp or scp it gives error connection closed. After long googling tried different solutions like add missing libraries, setuid to rssh_helper. I had full copy of /lib to /chroot/lib and /chroot/lib64 but no success. conf and log files are below for reference.
[Code]...
Is there anything special about a home directory before users' home directories are stored there, or is just as typical as any other "empty" folder?Let me just cut to the chase, but please no ear ringing about the folly of messing around as root, particularly with directories at root level. I know it's considered stupidity, but I deleted my home directory.
Is there an easy way to restore a working home directory? I tried copying /etc/skel under root, but I'm not sure what a home directory should look like once it has been restored. Besides . & .., there were .screenrc & .xsession in my home directory when I copied /etc/skel. Are these files suppose to be in "/home" or "/home/~" or both?
