RE: Limiting system and filesystem access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks, Ed.  Maybe I'll just have to be happy with the rssh solution.
It's not perfect, but it's better than nothing.

Regards, Marshall

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Ed Wilts
Sent: Thursday, December 08, 2005 12:36 PM
To: General Red Hat Linux discussion list
Subject: Re: Limiting system and filesystem access


On Thu, Dec 08, 2005 at 11:19:46AM -0600, McDougall, Marshall (FSH)
wrote:
> I apologize if this is too OT.  

It's absolutely on topic.

> So my burning question is:  How do I give this user sftp access only
to
> a very limited area of my system?  Any assistance appreciated.

There is no supported and secure method of chroot'ing a user using
openssh.  Sadly enough, any number of open source FTP servers will
gladly do this for you making FTP *more* secure than SFTP for this type
of application.  This is especially true if you can make ftp/tls work
for you.

What we're doing is buying the Tectia SSH server for our external-facing
servers.  It's commercial but will give us secure chroot'ed access to
the file systems for our external customers.

        .../Ed

-- 
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts@xxxxxxxxxx
Member #1, Red Hat Community Ambassador Program

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux