Networking :: How To Create SSH User Without Access To Root Directory
Aug 7, 2009
I need to create an SSH user that can only access the directory I would specify for them. For example, I've been able to execute the following:
useradd -d /home/me/directory_for_this_user someuser
So when someuser logs in they get into this directory. Problem is that once they log in they can simply execute:
cd /
and navigate through all other directories which is a security risk.
How I could limit someuser's access to only /home/me/directory_for_this_user and its subdirectories and nowhere else in the system?
View 1 Replies
ADVERTISEMENT
Jun 18, 2011
I have a Virtual Private Server which I can connect to using SSH with my root account, being able to execute any linux command and access all the disk area, obviously.
I would like to create another user account, which would be able to access this server using SSH too, but only to a certain directory, for example /var/www/example.com/
For example, imagine this user has a HUGE error.log file (500 MB) located in /var/www/example.com/logs/error.log
When accessing this file using FTP, this user needs to download 500 MB to view the last lines of the log, but I'd like him to be able to execute something like this:
Therefore I need him to be able to access the server using SSH, but I don't want to grant him access to all server areas.
View 2 Replies
View Related
Mar 18, 2010
I have an ubuntu server set up in which i would like my shared media directory to be accessable with multiple usernames / passwords because I use my admisistrator username and password for samba as well, but I do not want to give out that password to all clients in my house. And, I would like to have write permissions but keep other users to read only. Is this possible or do i need to just make one separate username / password for samba sharing?
View 1 Replies
View Related
Jan 18, 2010
I'm setting up Ubuntu Karmic on my sister's old computer for my nephew, he's quite young so my sister asked to install some content filtering. I'll first setup an OpenDNS account and I've installed and managed to get dansguardian and squid working on a virtual machine to try it out. so far it's working pretty well, but I need to secure it form the inside out.
I was thinking of blocking specific outbound ports so he could not bypass the proxy. because by default the firefox configuration can be easily changed. so I have a couple of questions.
1. is it possible to block outgoing ports on Ubuntu?
2. is that the best method?
3. is there anything else I should be aware of to prevent subversion?
lastly, this question is probably unrelated to this board but I've set up a cron job to update a dynamic ip with OpenDNS, the problem is that the password is in clear text in the user's crontab, can I play with permissions? is it possible to run the job under a root account and deny read/write access to a normal user?
View 1 Replies
View Related
Jun 21, 2011
I get the following error whenever I launch bash:
Code:
mkdir: cannot create directory `/dev/cgroup/cpu/user/5900': No such file or directory
bash: /dev/cgroup/cpu/user/5900/tasks: No such file or directory
bash: /dev/cgroup/cpu/user/5900/notify_on_release: No such file or directory
It seems like it's probably from this part of .bashrc:
[Code]...
What does this code do, why, and what's causing it to go wrong?
View 7 Replies
View Related
Oct 26, 2010
I no longer have access to my root desktop. On a session I attempted to change the root username but i apparently assigned it a wrong directory that does not exist. When I rebooted with my new root username, i was instead recognised as a simple user (no root privileges). I tried the console to change to "old" root but root password is not accepted and there is no way to access to sudoer files. it seems that inserting a new username requires root privileges and i am back to square one. Simply logging with old root username and password after restart gives me a blank screen with nothing on it and cannot even reboot.
View 9 Replies
View Related
May 12, 2011
i have rhel 5.2 and i want to create user using useradd command without creating user home directory and not throwing any warning/error about not creating any home directory.i have tried useradd -u "$NEW_UID" -g <gid> -d "/home/$1" -M "$1"where $1 is user name and $NEW_UID is i am calculating.it throws error as useradd: cannot create directory /home/$1which i dont want to come , how to prevent this?
View 1 Replies
View Related
Apr 15, 2009
I've been looking for this feature for months and couldn't find a solution for this. Does anyone know how to create users and limit the user to a specified directory?
View 6 Replies
View Related
Jun 16, 2011
Do you think there is a way of accessing different user data from another account which I have set up.
Ie. user 1 = account has messed up
user 2 = account works fine
access user account 1 home directory from user 2 work space?
View 9 Replies
View Related
Jan 21, 2010
Prelude: OpenSUSE 11.2 (2.6.31.8-0.1-desktop), installed Novell client 2.0 SP2 (novell-client-2.0-sp2-sle11-i586.iso).
I found that if any usual user is logged into a NDS-tree, then _local_ root has full access to user's network shares, including the user's home directory located on remote Netware-server. Is it by design or
have I missed something? Nevertheless in windows local admin has no access to network resources mounted of any other user. If you runas shell (as admin) then admin in principle can't "see" network shares which were mounted (connected) by other users - they are accessible ("visible") per session.
View 3 Replies
View Related
Mar 8, 2010
I'm developing an application in which one user must run java software that I'm compiling as another user. I wanted to give user A permission to see the bin direcory of my workspace, which is in the home directory of user B. I was wondering how can this be done? I gave the bin direcotry full read/execute premissions, but since it's in my home directory user A can't navigate to it.
I know there are a few ways I could get around the problem but they arn't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.
View 7 Replies
View Related
Aug 8, 2010
I have a network set up that has been working for around a year with no problems but has now developed a login problem. The system was set up with a main server with all users on it and another PC located elsewhere that people could log onto using there personal login and password that then gained access to the account on the main server. This remote PC has now got the problem. When you try to log onto an account it comes up with the message "your session has lasted less than 10 seconds. If you have not logged out yourself this could mean there is a installation problem or that you are out of disk space."
Error message says that no profile for the user can be found and it couldnt create per-user gnome configuration directory. I can log on as root onto the remote PC as it is obviously a local account but all the account on the main server are not accessible. From the root account I can see that the connection to the server is OK and I can actually log into the accounts on the server using the failsafe session so the physical network is OK.
I never built or designed this set up and to be honest I normally work with windows so its all a bit strange to me. Both PC's run Centos 5. I have checked the messages log and there doesnt seem to be any indication of a problem. Just that it stopped connecting from the remote PC. The accounts are all active on the main server itself and have no problems being accessed.
View 3 Replies
View Related
Jan 27, 2010
i'm using ftp server with RHEL-5.1 now i wish to an anonymous user can create and upload some file on my ftp server...for this i configure the entries in /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
# Uncomment this to allow local users to log in.
local_enable=YES
[code]...
View 4 Replies
View Related
Nov 8, 2010
I am getting the databases from mysql and my database name is username_something.
I am getting the username and then puting the respective backups in corresponding folders like
tar bala bla /backups/sql/username/username_something.tar.sql.gz
The problem is system worrks if i have the folder username already there but for new databases if get the error like unknown file path.
How can i do that if username folder is not there it should be created
View 2 Replies
View Related
Jan 27, 2010
i'm using ftp server with RHEL-5.1 now i wish to an anonymous user can create and upload some file on my ftp server... for this i configure the entries in /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
# Uncomment this to allow local users to log in.
local_enable=YES
[code]....
View 3 Replies
View Related
Jul 4, 2010
I want to create a user who has all the privileges that root user has.I know how to create a user but i don't know how to grant root privileges to him.
View 10 Replies
View Related
Apr 9, 2011
I create a user in CentOS 5.5 for using with my email account.
useradd ralf
passwd ralf
use "ralf user" only for my email account. How can I remove others privileges/permissions? Also, I want to use "ralf user" without root privileges/permissions.
View 4 Replies
View Related
May 24, 2011
I try to create a user who has the 100% permissions and roles as the root with following command:
Code:
useradd -c "ANOTHER ROOT" -d /home/root2 -g root -m -s /bin/bash root2
But it seems the user just in the group of root but doesn't have all the rights as the root.
View 8 Replies
View Related
Aug 27, 2009
I did a fresh fedora install and have overwritten the root user directory ( /root) with a backup of a previous install. Now I cannot log on through the login screen with the root user password. I can login su - as root on the command line with the password OK.
View 1 Replies
View Related
Oct 5, 2010
For a user on a Linux host, I need to make everything inaccessible besides his home directory. I have heard that this is usually done by changing the root directory for the user (and setting it to the user's home directory), however I couldn't find the way to do it.
I thought about the chroot command, but it seems it just runs the specified command, considering the specified directory as the root directory. So it seems chroot is not what i need. So my question is: what is the command which changes the user's root directory?
View 7 Replies
View Related
Aug 28, 2010
How to create the user without creating home directory?
View 7 Replies
View Related
Jul 30, 2011
I am using NIS and I want to replace this with 389 ds. I have installed 389 ds and configured it. I could create user account from 389-console. But it does not create user home directory. Do I have to create user account and user home directory in linux first?
View 1 Replies
View Related
Oct 14, 2010
I am unable to create a directory as an anonymous user using FTP. Settings are as below mentioned:-
vsftpd.conf
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
[Code].....
View 3 Replies
View Related
Feb 20, 2010
i do need to create 1 user who has similar to root privileges but the username will not be root.
View 13 Replies
View Related
Jun 30, 2011
I am writing a ping kind of program for my own application. This application needs to run with non root user privileges. This needs me to create a raw socket. But the ping connection is failing because of creating raw socket with non root user.How can I run the application successfully with non root user privileges using raw socket creation?
View 4 Replies
View Related
Jul 19, 2011
Hey I have made a user so that he is able to access my ftp files though filezilla.
However he does not have access to the root folder. How can I edit this?
View 2 Replies
View Related
Oct 24, 2010
I want to create a limited user, such that the user should only have the access to usb drives, cd drives and internet. And also I want to restrict the user from deleting the files from the system. How to do it..?
View 5 Replies
View Related
Jun 27, 2010
When I log on a root and attempt to issue the command Freshclam to upgrade the virus definitions it attempts or create a new file with a definition name. I get a message stating that the directory isnt writable. The user and group access rights are as follows:
USER = read, write, execute
Group = read, write, execute
All= read, execute.
The only way I can get around this is by applying a 777 which would be read, write and execute for all. Now, I have a group define with several user ids in it including Root.How do I connect the group with the directory/file so I dont have to apply a 777 access right to group users could issue the Freshclam command.
View 1 Replies
View Related
Mar 21, 2010
I'm using ubuntu 9.10. I used the command:
root@aduait-laptop:~# sudo chown -R root:root /media/104B-FF96/Private to set the permissions of Private folder for root but it is giving error:
Code:
root@aduait-laptop:~# sudo chown -R root:root /media/104B-FF96/Private
chown: changing ownership of `/media/104B-FF96/Private/5.jpg': Operation not permitted
chown: changing ownership of `/media/104B-FF96/Private/6.jpg': Operation not permitted
chown: changing ownership of `/media/104B-FF96/Private/7.jpg': Operation not permitted
[Code].....
View 5 Replies
View Related
Nov 17, 2008
I have configured apache on my Centos 5.2 and it is working well. I want to have a sym link of my docs directory in /root/ in the apache root directory. I used ln -s command to create this sym link. But when I tried to access this I get the following error:
You don't have permission to access /docs on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
How can I access this directory in apache. i use apache 2.0.63.
View 1 Replies
View Related
