Networking :: Limiting Sshfs Access To Specific Directory / Tunneling Nfs Over Ssh

Jan 22, 2010

I have a server with a /data/ directory, everything in the /data/ folder has "-rwxrw-rw- 1 root root" permissions.all works fine, multiple users are mounting this over a lan and everyone is able to modify files. However I would like to be able to access the /data/music/ directory from the internet.

Is it possible to configure sshfs to only accept logins from a user restricted to reading the /data/music directory, or would it be possible to tunnel nfs over ssh in such a way that everyone on the lan has unrestricted access to the data directory, but something coming from outside only has read access to the music directory. Although is one were tunneling nfs over ssh, the nfs mount request would appear to come from the server itself. The router is at and the server is at Seems very much like what I want to do, however I'm having a bit of trouble getting this to work well with other users mounting with full rights over the lan too.

View 5 Replies


Networking :: Stuck With Ssh Tunneling Because The Default Method For Tunneling Requires Root Access While WinSCP

Mar 28, 2010

I have a local computer (local), and remote computer (remote) behind of remote server (server). Also, I have user access to all of these 3 machines. Now, I want mount some directory, located at remote, to my local mount-point via sshfs. How should I setup my local sshfs and what should be done on server to make this mounting?

I'm stuck with ssh tunneling because the default method for tunneling requires root access while WinSCP somehow could do this with only user access (the tunnel server could be configured there in 'tunnel' panel).

View 5 Replies View Related

Security :: Using Sudo To Give Read Access To Specific Directory?

Apr 29, 2011

I have a log server that collects logs from all the cisco devices on our network.he company policy states that any logs should only be accessible by root. So I have the following permissions set on the directory, as well as everything inside the directory where the cisco logs are kept.

drwx------ 65 root root 4096 Apr 29 7:38 rsyslog
The cisco folks are requesting access to these logs, which is allowed by company policy.


View 12 Replies View Related

General :: Use Symlink To Provide Access To A Specific File Under A Restricted Directory

Jan 24, 2011

My home directory's permissions allow only myself access to it. Is it possible to put a file inside my home directory with.. say.. full permissions, and create a symlink to it so other users can access that file alone inside my home folder? System is Ubuntu Karmic.

View 2 Replies View Related

Software :: SSHFS - Permissions Denied On Mounted Directory

Jul 8, 2011

I have a problem with sshfs. I want to share a binary with some others computers, but i only want them to be able to execute (no read/write ). So, on my main server, I chown root:root bin & chmod 701 bin. That work nicely on main server, local users can execute bin w/o read/write ... But when I mount directory using sshfs, users cant exec/read/write ...

SSHFS version 2.2
FUSE library version: 2.8.4
fusermount version: 2.8.4
using FUSE kernel interface version 7.12

View 9 Replies View Related

Ubuntu :: Bash Script That Uses Sshfs To Remotely Mount A SSH Directory?

Apr 23, 2010

I have a bash script that uses sshfs to remotely mount an SSH directory.

Where should i place this script so it mounts with route privileges?

One consideration is i use VPN so the directory needs to be mounted after openvpn is started.

View 3 Replies View Related

Software :: Limit Mount Points Of SSHFS To Just User's Home Directory

Apr 21, 2010

We recently had a serious loss of data because of SSHFS mounting. A user in our group mounted the entire home directory of our server (/home). This was so they could easily move between user folders to read/write data from other people involved in the same project. They then deleted several folders that were not in there home directory.

Now I know this is a bad idea and that there should be a dedicated "projects" folder where everyone collaborates and does their stuff. Such a folder/system exits but I can't make them use it. My question: Is there anyway to configure SSHFS such that the only thing the user's can mount is their home directory? Obviously this won't fix the problem since they can sym-link to other folders but I've got to start somewhere. Perhaps there's a better solution (one that doesn't involve me nagging users about proper form).

View 4 Replies View Related

CentOS 5 :: WebDAV - Limiting Access To Subfolders?

Dec 13, 2010

On our web server I want to have a WebDAV folder and I would like customers to be able to log in with MySQL authentication from our customers database (this I have set up with no problems and it works fine). HOWEVER, I want each customer to have their own subfolder and, having logged in with access to the main WebDAV folder, I want each customer ONLY to be able to access their own subfolder(s). I don't mind them seeing other subfolders exist but obviously I don't want them to have access to other customers subfolders.

OK, of course I could achieve this by adding new WebDAV locations to the httpd.conf for every customer but with a large number of customers httpd.conf will become very large and messy. I have tried applying further restrictions by putting an .httaccess file in each subfolder but that doesn't work - indeed the presence of a .htaccess file oddly prevents users from seeing any other files in the subfolder but has no effect on the access.

View 1 Replies View Related

Server :: Limiting POP3/IMAP Access Frequency?

Sep 24, 2010

My server listens to POP3/IMAP requests. Some users have configured their mailers with high checking frequencies, say once every minute, such that the system logs are full of entries with no significance at all.I'd like to ask if there is a way to limit the per IP frequency of POP3/IMAP access ?I'm using "xinetd" to wrap the "ipop3d" and "imapd" which come with the Alpine package.

View 4 Replies View Related

Ubuntu Security :: Adding User With Access To Mount Point Over SSHFS Only

Sep 2, 2010

I'd like to add a user to my server that will only have access to a mount point over sshfs. Is there any way I can provide them this access without actually giving them permission to open a terminal on my server? I tried /bin/false and /sbin/nologin already, but /bin/false didn't allow the mount point to be made and /sbin/nologin prevented a login completely (also stopped the mount point from working).

View 6 Replies View Related

General :: Ubuntu: Limiting User Account Only To Access His Home Dir?

Feb 20, 2011

I just created new user account, but the new user is able to access all the directories structure (including other's home directories).I'd like to limit the user to access ONLY his home directory (and nothing "above"). How do I do this?

View 1 Replies View Related

Security :: Protect Samba Server For Limiting Access To Certain Domains?

Nov 24, 2010

I was looking for a way to protect my samba server for limiting access to certain domains.Can I use the parameterhosts allow = example.comor something like that or is there another way to do the job for domains

View 4 Replies View Related

Fedora Networking :: Unable To Mount Specific Directory Via CIFS?

Aug 19, 2011

I have a bootable utility toolset that I put together with Fedora 14, one of its primary functions is to map a user designated share via script and access information from it. The command that I used, that functioned perfectly, in Fedora 14 was:

sudo mount -t cifs -o // /mnt/source


View 3 Replies View Related

Networking :: Firewall Access For A Specific Mac Address?

Jan 6, 2010

I have my firewall setup so that only specific subnets/IP addresses can access the system. My issue is that I have remote user/laptop who needs to access the system, but is constantly on a different subnet/dhcp IP address. Is there configuration for iptables where I can enter the mac address of the laptop to allow access to the system and not specify a subnet or IP address?

View 3 Replies View Related

Networking :: Isolate Untrusted Computers While Retain Access From Specific PCs

Sep 24, 2010

At school, the shop I work in has machines that run windows xp and cannot be updated to the latest SP (consider these machines "B"). This means that they are quarantined whenever connected to the network. There are also workstations that we would like to be able to connect to "B" for the sole purpose of dropping a file into a directory. These machines we will call "A" and are considered trusted.

I have No control of the school's network. I have a spare PC with two NICs as well as a 5 port switch. My thought was to use the spare PC as a gateway/router/VPN and setup an isolated "network b" consisting of all the untrusted systems. Disallow all traffic other than the VPN connection. Connect via vpn from the 4ish trusted workstations "A" to Network B. I could use mac filtering (I think) to accomplish this and disallow any computer not specifically authorized, thereby isolating the untrusted computers completely.

View 5 Replies View Related

Slackware :: Autofs + Sshfs "Directory Not Found"

Jun 17, 2010

Having some troubles with sshfs + autofs. Roughly following this guide here: [URL] Here is /etc/auto.master:


But when I 'cd' to the dirs /mnt/sshfs/remote1 or /mnt/sshfs/remote2, I get this error:

bash: cd: remote1/: No such file or directory

View 6 Replies View Related

Networking :: Tunneling Through SSH Using OzymanDNS?

Feb 27, 2011

I am trying to setup a version of OzymanDNS but am not quite sure I am understanding part of the instructions found here.My domain/website is hosted with a web hosting company, using their name servers. I have added a sub domain [URL], using an A record to send any requests for [URL] to my home IP address, where I have a server running. Do I need to also add the code below to my server at home which has BIND installed or are the instructions expecting that I have full control of the main name server already?

Code: IN NS IN A

View 2 Replies View Related

Networking :: Is There Any Alternative To SSHFS

Oct 13, 2010

I know that SSHFS is the way to mount the file and directory on remote server. It has many advantages such as security, convenience, fast and so on. I wonder if there is disadvantage of SSHFS and the alternative to it? I am looking forward to your reply.

View 2 Replies View Related

Ubuntu Networking :: Reverse SSH Tunneling

Feb 2, 2011

I want to be able to SSH into my computer that I can't expose port 22 on. I've tried the ssh -R ... several times, but can't manage to make it work.I have my home computer (want to SSH into), server (can SSH into), and some computer I want to SSH from.Do I need to install the sshd on the machine I want to SSH into? What are the commands I need to enter to forward from my server to my home computer?

View 1 Replies View Related

Ubuntu Networking :: Tunneling Through School AP

Mar 14, 2011

I am trying to tunnel through my college's free AP so I can get access to protocols outside of http and https. The school has an in-browser DNS redirect until you log in.The output of "cat /proc/version" on the server OS is "Linux version 2.6.35-27-generic (buildd@palmer) (gcc version 4.4.5 (Ubuntu/Linar o 4.4.4-14ubuntu5) ) #48-Ubuntu SMP Tue Feb 22 20:25:29 UTC 2011" The client OS is Windows 7. What I have done so far is use Proxy Cap to redirect applications to a Putty tunnel connected to the server. Eventually I want to tunnel that SSH connection through my school's firewall, so that I can keep encryption and have a reasonable amount of ease with setup.

I am not particularly educated on the inner workings of the DNS redirecting so I was not sure what to search for. My attempts to connect Firefox over normal http proxies failed and since all ports are blocked besides http and https I didn't attempt any socks or SSH. I have also tried simply hosting the SSH server on http ports with little success. I hope that I can do this without having to purchase a domain, but that's starting to seem like that won't be the case.

View 8 Replies View Related

Networking :: Any Way Can Get It Tunneling Over Socks Proxy?

Feb 24, 2010

I have been ssh tunneling, which works great.I can browse the internet by simply tunneling my traffic through my SSH server.the following command: ssh -ND 9999 username at myserver.i cant all I have type, and I can connect to a SOCKS proxy server on localhost:9999.My problem is that I have an application that only supports HTTP proxies.Is there any way I can get it tunneling over the socks proxy?

View 4 Replies View Related

Fedora Networking :: Ssh Reverse Tunneling Failed?

May 7, 2011

I am trying to use the ssh reverse tunneling through the command

ssh -l login -p port <ip address> -R <remote port>:<local Ip>:<local port>

In order to enable some one in the remote host to connect my machine. through the command

ssh<remote port>

However when I try to execute the first ssh command above I got the warnning

Warinning: remote port forwarding failed for listen port <remote port>

The problem always happens when the remote host I have tried to connect is my Fedora 14 machine. I can do that when using an Ubuntu as the remote host.

View 9 Replies View Related

Ubuntu Networking :: How To Setup Ssh Tunneling In Firefox

Jul 15, 2010

I am useing bshellz and i want to know how do i setup ssh tunneling in firefox when i am surfing the web.I newbie when it come to ssh tunneling.

View 3 Replies View Related

Ubuntu Networking :: How To Do Split VPN Tunneling Like In Windows

Nov 3, 2010

In windows if I want to do split tunneling, I just uncheck the Use as Default Gateway Box as seen here URL...In Ubuntu, I went to my VPN connection, IPv4 settings, routes..., checked "Use this connection only for resources on its network".And I could no longer ssh into machines on campus.

View 1 Replies View Related

Ubuntu Networking :: X11 Tunneling To Windows Not Working?

Feb 20, 2011

I want to tunnel X apps to windows with PuTTY. I have the following in my sshd_config:

X11Forwarding yes
X11DisplayOffset 10


View 4 Replies View Related

Ubuntu Networking :: Ssh Tunneling To Virtual Machine?

Mar 6, 2011

I am a linux beginner and dont know that much about networks! I have access to a linux VM. The machine is remote and i access via putty. If i can access this machine via SSH and putty, is there any reason why i should not be able to use ssh tunnelling to connect to a vnc server?

I don't know the details of the server and what firewall is set up but i believe that tunnelling uses port forwarding over the ssh connection that is already set up. Where does the port forwarding actually occur? At the actual linux VM or on the router the VM is connected to?

View 1 Replies View Related

Ubuntu Networking :: SSH Port Forwarding With X11 And SSHFS?

Nov 2, 2010

I've used wake on lan and SSH on the local network for some time now. I also used SSH to mount a filesystem (SSHFS / sftp, same thing, right?) and I could forward X11, loved it. I used both these options for my convenience. So I decided it was time to open up some ports on my router (Linksys WRT320n running dd-wrt) and try to set up a remote connection. This actually worked after some time, so I'm now able to turn on my home computer from the Internet (school in my case) and then log in to it through SSH. I set this up using other ports then the default ports. Something like this (these are not the actual ports I use, just examples):

port 2112 -> port 9 (for wol, wake on lan)
port 2113 -> port 22 (for SSH)

This information might be useful: I set this up using public and private keys. This is necessary for SSHFS to work properly I think and it also makes it more secure. And then I found (and had some presumptions that this was going to happen) that both SSHFS and X11 were not working. I'd rather not open up more ports on the router for security's sake though, so I'm asking for other solutions. And if there really aren't any other solutions then which ports to forward. And if forwarding is really necessarily then how to make the client use port 2114 for SSHFS and 2115 for X11 so I can forward those ports to the default ports.

View 3 Replies View Related

Networking :: Limiting Bandwith From 2 ISP With Using One Server

Feb 21, 2011

I have 2 ISP where give me IP Public with ISP A (/29) and ISP B (/28). So, I connect this two ISP to unmanaged switch. And from that switch, I take one cable connected to eth0 on the server. (Note : My server have 2 dev ethernet, eth0 and eth1). eth1 will go to the Switch which will go to the LAN.

My Question is : 1. Is this possible to make bandwith control on the gateway server with mode separating International bandwith and local bandwith (my country bandwith)? ie, for my Mail Server I will give the "intl bandwith" only 512 kpbs and for local bandwith with 1Mbps. What a software can I use for this model ?

2. Which model I should to used, with NAT or with Bridging router? That's all for now..

View 5 Replies View Related

Networking :: Limiting Bandwidth Per IP In Ubuntu

Apr 12, 2010

You may have seen some other posts by me about my final year college project. Im implementing a web based network management website. Iv got a lot of the functionality working at this stage but one part is allocating bandwidth.

Iv got an eircom 3mb broadband connection and I want to be able to split this between users. At the moment I only have my desktop and laptop on the network. Im looking for advice on how i can allocate bandwidth with iptables and/or the tc tool in ubuntu.

My website is on an ubuntu virtual machine and written in php. Whatever about running the iptables and tc commands from php I still need to figure out the actual commands i need to use in the first place.

View 14 Replies View Related

Fedora Networking :: Modules Needed For Gre And Other Tunneling Support?

Sep 23, 2010

When I try to create a network tunnel, I get ioctl: no such device returned by the terminal. Which modules do I need to ad with insmod to enable tunneling?

View 2 Replies View Related

Copyrights 2005-15, All rights reserved