I created a user called 'uploads' with all the permissions and stuff that a normal user would have. I changed the shell to /bin/false and tried to scp from my laptop with no success. I would issue the scp command and it would ask me for a password. However, after entering the password it would always say 'lost connection'. I changed the shell back to /bin/bash and it worked normally after that.
I may try to look over the script from the website that Rick pointed out if no one else has any ideas. The web form idea from Cristobal was a good idea, but I am trying to do this from a script. My offices downtown are on OSX and they are trying to set up scripts that will automatically send me files. So, I told them they could just scp the files over to me. I could probably just issue them an id and they would add it to their script and forget about it. However, I just don't want an id floating around out there that someone could use and just go browsing around the fs, looking at whatever they wanted. (Was it the Kinks that said, "Paranoia will destroy ya...") I could also set up a chroot jail with proftp but I'd really like to use scp and get this figured out for future use. Thanks to everyone for their help! Thanks, Mark. On 1/16/06, William Sutton <[EMAIL PROTECTED]> wrote: > > What happens if you put /bin/false for the shell? should let them scp to > only where they have permission (e.g., home/user) but not login, correct? > > -- > William Sutton > > > On Mon, 16 Jan 2006, Mark Freeze wrote: > > > What are some ways to restrict a ssh user to their home (or any) > > directory? What I am trying to do is set up a username that is jailed > to a > > specific directory so users can drop off files via SCP. I don't want > them > > navigating around the fs if they were to log in with ssh. And, what > about if > > they tried to SCP a file to somewhere other than /home/username? I > looked at > > chrooting but that would just restrict them if they logged in. I saw > this > > package http://www.sublimation.org/scponly/ but I was trying to do this > on > > my server without adding a bunch of packages or 3rd-Party stuff. > > > > Thanks, > > Mark. > > -- > > TriLUG mailing list : > http://www.trilug.org/mailman/listinfo/trilug > > TriLUG Organizational FAQ : http://trilug.org/faq/ > > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > > > > > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
