You'd have to have a copy of cp, mkdir, mv, rm, etc in ~/bin or something like that then. Most of these reside in /bin and the user would not be able to execute them if you lock them down to ~ It seems like I recall a patch that you can apply to the ssh source prior to compilation that would allow you to jail a user to his/her ~ A quick search on Google: http://tinyurl.com/24fxt Mike > -----Original Message----- > From: shrike-list-admin@xxxxxxxxxx > [mailto:shrike-list-admin@xxxxxxxxxx] On Behalf Of Christopher Davis > Sent: Thursday, March 11, 2004 12:25 PM > To: shrike-list@xxxxxxxxxx > Subject: RE: chroot ssh logins > > Mike: > > > -----Original Message----- > > From: shrike-list-admin@xxxxxxxxxx > > [mailto:shrike-list-admin@xxxxxxxxxx]On Behalf Of Mike Burger > > Sent: Thursday, March 11, 2004 6:34 AM > > To: shrike-list@xxxxxxxxxx > > Subject: Re: chroot ssh logins > > > > > > You could try setting their shell to rsh (if it's > > available on your > > system)...on may *nix systems, rsh is a > > restricted shell, not allowing > > them to do much outside of their home dir. > > > > Keep in mind that chrooting them, however, as you > > describe below, means > > that they can't run most of the basic commands > > that live in /bin, > > /usr/bin, etc. > > > That's exactly what I'm trying to accomplish. My goal is to > convert an ftp server to ssh only. I do not want regular > users to have any more capabilities than to upload/download > files, copy/move/rename files, create directories and ch > into the directories in their home directory -- all without > any of these activities being able to be executed any higher > than their home directory. > > I tried rsh, but once connected via ssh I'm still able to > move around the filesystem. > > Thanks! > Christopher Davis > > > > -- > Shrike-list mailing list > Shrike-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/shrike-list > -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
