Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-11 Thread Alessandro Selli
On 10/10/18 at 22:33, Alessandro Selli wrote: > On 10/10/18 18:51, Lars Noodén wrote: >> On 10/10/18 7:30 PM, Alessandro Selli wrote: >>>   Works for me: >> ...> [root@wrkstn02 ~]# lsb_release -d ; uname -r >>> Description:    Devuan GNU/Linux 2.0 (ascii) >>> 4.18.0-0.bpo.1-amd64 >> Hmmm. I'm

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-10 Thread Alessandro Selli
On 10/10/18 18:51, Lars Noodén wrote: > On 10/10/18 7:30 PM, Alessandro Selli wrote: >>   Works for me: > ...> [root@wrkstn02 ~]# lsb_release -d ; uname -r >> Description:    Devuan GNU/Linux 2.0 (ascii) >> 4.18.0-0.bpo.1-amd64 > Hmmm. I'm using just the stock kernel. Maybe that is the

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-10 Thread Lars Noodén
On 10/10/18 7:30 PM, Alessandro Selli wrote: >   Works for me: ...> [root@wrkstn02 ~]# lsb_release -d ; uname -r > Description:    Devuan GNU/Linux 2.0 (ascii) > 4.18.0-0.bpo.1-amd64 Hmmm. I'm using just the stock kernel. Maybe that is the difference: $ lsb_release -d; uname -r Description:

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-10 Thread Alessandro Selli
On 10/10/18 06:28, Lars Noodén wrote: > On 10/10/18 12:38 AM, taii...@gmx.com wrote: >> You can use apparmor to do this quite easily - afaik there are a few >> tutorials for it. > Last I checked, apparmor does not function with Devuan: > > # /etc/init.d/apparmor start >

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-09 Thread Lars Noodén
On 10/10/18 12:38 AM, taii...@gmx.com wrote: > You can use apparmor to do this quite easily - afaik there are a few > tutorials for it. Last I checked, apparmor does not function with Devuan: # /etc/init.d/apparmor start /etc/init.d/apparmor: 130: /etc/init.d/apparmor:

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-09 Thread taii...@gmx.com
You can use apparmor to do this quite easily - afaik there are a few tutorials for it.

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-10-08 Thread Andrew McGlashan
Hi, On 12/08/18 14:55, mett wrote: > I m wondering about the best way to restrict a user after he has > ssh'd into his web folder. I solved this problem a different way. Created a VM just for the required user(s). They needed to provide their

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread Lars Noodén
On 08/13/2018 10:45 AM, info at smallinnovations dot nl wrote: > On 13-08-18 09:40, Lars Noodén wrote: >> On 08/13/2018 10:36 AM, info at smallinnovations dot nl wrote: >>> On 13-08-18 09:31, Lars Noodén wrote: >>> >>> >>> I worked the other way, Apache is able to work with symlinks. I only >>>

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread info at smallinnovations dot nl
On 13-08-18 09:40, Lars Noodén wrote: > On 08/13/2018 10:36 AM, info at smallinnovations dot nl wrote: >> On 13-08-18 09:31, Lars Noodén wrote: >> >> >> I worked the other way, Apache is able to work with symlinks. I only >> needed to make www-data member of the users group. > Eek. Think instead

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread Lars Noodén
On 08/13/2018 10:36 AM, info at smallinnovations dot nl wrote: > On 13-08-18 09:31, Lars Noodén wrote: > > >>> BTW I use this configuration combined with a symbolic link from >>> /var/www/html/website to /home/%u/website. This way it is much safer >>> than ftp, they cannot login while they still

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread info at smallinnovations dot nl
On 13-08-18 09:31, Lars Noodén wrote: >> BTW I use this configuration combined with a symbolic link from >> /var/www/html/website to /home/%u/website. This way it is much safer >> than ftp, they cannot login while they still are able to maintain their >> own website. Rsync over SSH is another

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread Lars Noodén
On 08/13/2018 10:10 AM, info at smallinnovations dot nl wrote: > On 13-08-18 03:31, mett wrote: >> On Sun, 12 Aug 2018 13:18:23 +0200 >> info at smallinnovations dot nl wrote: >> [snip] >>> That part of my sshd_config looks like: >>> >>> Subsystem sftp internal-sftp >>> Match group sftponly >>>   

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread Lars Noodén
On 08/13/2018 08:06 AM, Didier Kryn wrote: >     But allowing ssh connections with a restricted shell permitting only > the commands used by rsync could be the way. But you would probably need > to forbid the fancy features of ssh, like port forwarding. If they use SSH keys (and only keys) for

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread Lars Noodén
On 08/13/2018 04:29 AM, mett wrote: [snip] > To be honest, rbash is what I thought of, first. > > 2 things refrain me from using it: > -user cannot cd in his subdirectories [snip] Ok. That is potentially a big barrier. > -the wikipedia example of writing 'bash' at the command line > and then

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-13 Thread info at smallinnovations dot nl
On 13-08-18 03:31, mett wrote: > On Sun, 12 Aug 2018 13:18:23 +0200 > info at smallinnovations dot nl wrote: > >> On 12-08-18 06:55, mett wrote: >>> Hi, >>> >>> I m wondering about the best way to restrict a user after >>> he has ssh'd into his web folder. >>> >>> Up to now, the users I had

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread Didier Kryn
On 12/08/2018 at 07:38, Rick Moen wrote: Quoting mett (m...@pmars.jp): I m wondering about the best way to restrict a user after he has ssh'd into his web folder. Try a chroot jail. https://www.tecmint.com/restrict-ssh-user-to-directory-using-chrooted-jail/ or

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread mett
On Sun, 12 Aug 2018 13:18:23 +0200 info at smallinnovations dot nl wrote: > On 12-08-18 06:55, mett wrote: > > Hi, > > > > I m wondering about the best way to restrict a user after > > he has ssh'd into his web folder. > > > > Up to now, the users I had were using only FTP > > to log into

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread mett
On Sun, 12 Aug 2018 09:38:45 +0300 Lars Noodén wrote: > On 08/12/2018 09:10 AM, KatolaZ wrote: > > On Sun, Aug 12, 2018 at 01:55:00PM +0900, mett wrote: > [snip]>> I m considering giving ssh access but I realized that > >> chroot for ssh looks quite involved. > >> > >> So, I m wondering if

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread mett
On Sat, 11 Aug 2018 22:38:52 -0700 Rick Moen wrote: > Quoting mett (m...@pmars.jp): > > > I m wondering about the best way to restrict a user after > > he has ssh'd into his web folder. > > Try a chroot jail. > https://www.tecmint.com/restrict-ssh-user-to-directory-using-chrooted-jail/ > or

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread info at smallinnovations dot nl
On 12-08-18 06:55, mett wrote: > Hi, > > I m wondering about the best way to restrict a user after > he has ssh'd into his web folder. > > Up to now, the users I had were using only FTP > to log into their web folder, > and upload stuff in there > (chrooted in their folder with vsftpd). > The

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread Lars Noodén
On 08/12/2018 09:10 AM, KatolaZ wrote: > On Sun, Aug 12, 2018 at 01:55:00PM +0900, mett wrote: [snip]>> I m considering giving ssh access but I realized that >> chroot for ssh looks quite involved. >> >> So, I m wondering if using 'chmod o-r' >> for folders(and subfolders), and files on >> /etc,

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-12 Thread KatolaZ
On Sun, Aug 12, 2018 at 01:55:00PM +0900, mett wrote: > Hi, > > I m wondering about the best way to restrict a user after > he has ssh'd into his web folder. > > Up to now, the users I had were using only FTP > to log into their web folder, > and upload stuff in there > (chrooted in their

Re: [DNG] [OT] Restricting user capabilities after ssh login

2018-08-11 Thread Rick Moen
Quoting mett (m...@pmars.jp): > I m wondering about the best way to restrict a user after > he has ssh'd into his web folder. Try a chroot jail. https://www.tecmint.com/restrict-ssh-user-to-directory-using-chrooted-jail/ or

[DNG] [OT] Restricting user capabilities after ssh login

2018-08-11 Thread mett
Hi, I m wondering about the best way to restrict a user after he has ssh'd into his web folder. Up to now, the users I had were using only FTP to log into their web folder, and upload stuff in there (chrooted in their folder with vsftpd). I m considering giving ssh access but I realized