Re: Disabling specific commands in sftp

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Alexandre MALDEME wrote:
> On CentOS 7 I’m trying to set up a chrooted SFTP server on which
> specific users can only read and write on specific folder.

I don't know if your CentOS 7 constraint is helpful for you, but sshd
has a ChrootDirectory configuration option and if you use
internal-sftp for the sftp subsystem you do not need any special
files in the chroot.


> And I’d like to disable some commands, so the users can only do
> ‘cd’, ‘ls’, ‘get’ and ‘put’ (and disabling ‘chgrp’, ‘chmod’,
> ‘chown’, ‘df’ etc …).

As for arbitrarily disabling commands, that may well need patching,
because the OpenSSH sftp server does not really have any (policy)
configuration. I for one like that.


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux