Hi, I m wondering about the best way to restrict a user after he has ssh'd into his web folder.
Up to now, the users I had were using only FTP to log into their web folder, and upload stuff in there (chrooted in their folder with vsftpd). I m considering giving ssh access but I realized that chroot for ssh looks quite involved. So, I m wondering if using 'chmod o-r' for folders(and subfolders), and files on /etc, /home, /root, /usr and /var is a viable solution. Restricting read privilege would allowed me to stop that user from copying files I don t want he copies, as well as listing directories I don t want he lists. Still the user would be able to access system and other users' folders, but if he cannot do anything in there, then there is no point for him to do it. What do you think? The setup is a devuan server under jessie with apache2 providing http server. Then, I use php-fpm to tie user, web-server and php processes. The passwd files is as below: 'user01:x:9999:9999:user01,,,:/home/www/example.com/:/bin/bash'. TIA _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
