I am intending that sftp will be used for the file transfer. The problem is that once I create the account that will use sftp it automatically has the ability to log in with ssh and wander around the system. I would like to limit the users ability to travel ouside of the home directoy and to execute commands. I have tried to define the user with /dev/false as it's shell but then I can't log in.
On Thu, 31 Jul 2003, Moshe Shemesh wrote: > Hi Chaim, > > Did you consider using sftp-server ? It's ftp server running on top of > SSH. you will need sftp clint to access it. > > Moshe Shemesh > Liraz-x > > > ----- Original Message ----- > From: "Chaim Keren Tzion" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, July 31, 2003 11:57 AM > Subject: SSH Jail > > > > Shalom, > > > > I need to set up an FTP server or an account that will use SSH for a user > > outside of our organization that needs to send us data. They haven't been > > able to successfully set one up on their end. I would like to avoid > > setting up and FTP server because of the security issues but I am also > > concerned about setting up an account that they can access via SSH because > > they will log in as a regular user and have lots of rights. Is there a > > good way to create a jail and otherwise limit an account that will be > > accessed via SSH? They need the account only for data transfer. > > > > > > -- > > > > Chaim Keren Tzion | [EMAIL PROTECTED] > > System Administrator | The Hebrew University of Jerusalem > > Dept. of Neurobiology | Tel: 972-2-658-5083 > > Inst. of Life Science | Cel: 972-54-652983 > > Jerusalem 91904, Israel | Fax: 972-2-658-6296 > > ...................... | ............................ > > > > > > > > ================================================================= > > To unsubscribe, send mail to [EMAIL PROTECTED] with > > the word "unsubscribe" in the message body, e.g., run the command > > echo unsubscribe | mail [EMAIL PROTECTED] > > > > > > -- Chaim Keren Tzion | [EMAIL PROTECTED] System Administrator | The Hebrew University of Jerusalem Dept. of Neurobiology | Tel: 972-2-658-5083 Inst. of Life Science | Cel: 972-54-652983 Jerusalem 91904, Israel | Fax: 972-2-658-6296 ...................... | ............................ ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
