On 12-08-18 06:55, mett wrote: > Hi, > > I m wondering about the best way to restrict a user after > he has ssh'd into his web folder. > > Up to now, the users I had were using only FTP > to log into their web folder, > and upload stuff in there > (chrooted in their folder with vsftpd). <snip> > The setup is a devuan server under jessie with apache2 providing > http server. > Then, I use php-fpm to tie user, web-server and php processes. > The passwd files is as below: > 'user01:x:9999:9999:user01,,,:/home/www/example.com/:/bin/bash'. > > TIA > _______________________________________________ > Dng mailing list > [email protected] > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
When you intend to replace ftp you can start with limiting the user to use sftp only. No need to have a login shell. That part of my sshd_config looks like: Subsystem sftp internal-sftp Match group sftponly ChrootDirectory /home/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp Grtz. Nick _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
