Keith Palmer wrote:
OK, I'm sure this question has been asked a million times, but I havn't
been able to find a straight answer that actually solves the problem, so
We have a FreeBSD server with multiple users. I would rather each user
*not* be able to view other users' files via an SSH or SFTP session. i.e.
if I'm logged in as "keith" I should *not* get a list of files when I do
I realize I can fix this by setting the permissions on the "/home/shannon"
directory to 700. *However* then Apache (running as user "www") won't
display the documents in "/home/shannon/public_html" from
"http://ip-address/~shannon/", instead returning a "403 Forbidden" error.
Sooo... how can I set this up so that users can't view other user's files,
but Apache still works?
I would prefer *not* to use jails, as it sounds like a lot of overhead and
complicated to set up... is there another way?
I've looked at rbash, but it looks like it disables a whole bunch of other
stuff. My users still need a usable SSH shell. I've looked at rssh and
scponly, but they seem to disallow SSH shell access completely.
Thanks in advance!
You can chroot the user into their own home dir. Check out the
ChrootDirectory sshd_config option.
The whole internet thing is sucking the life out of me,
there ain't no pony in there.
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"