One option is to set the shell to be the sftp-server (don't forget to
add it to /etc/shells). The only problem with that is it doesn't chroot
them. So they could still wander around the file system with sftp
client. You can find various patches to implement the chroot if you
google for "sftp chroot." One of them is here:
http://chrootssh.sourceforge.net/index.php
-Matt
Scott Lundgren wrote:
I only want to allow users to SFTP into their account and not let them
have shell access in their account. Google has a couple choices:
a fake shell:
http://lists.suse.com/archive/suse-security/2002-Mar/0351.html
a restricted shell: http://www.pizzashack.org/rssh/index.shtml
jailkit: http://olivier.sessink.nl/jailkit/
Any recommendations or other solutions?
danke,
Scott
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
