-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You always have the option of changing their login shell to '/bin/bash -s' which locks them in. Unfortunately, it also takes away their access to things like, 'ls' and 'cp' and 'vi', etc., unless you include copies in their home folder. You also need to remember that some apps like 'vim' will allow a user a shell escape which can break the limits you set. Make sure to give them access only to the secure version. For 'vim' that would be 'rvim'. Benny J. Bakshi wrote: > Dear list, > > I am running a remote suse server and need to give ssh access to the users who can work on their particular web folder only. The version of ssh server is openssh-5.0p1-21.1 > > I have already did huge google search but could not find any sshd features which can allow ssh users > to restrict them in their home directory. I have found some documentations where chroot or jailkit is used to achieve this and > these need some more configuration and obviously "chown root:root <home-folder>" . But I need an option which simply restrict ssh users so that they can't browse beyond their home directory. It is also not possible to do "chown root:root <home-folder>" as the folders which are used as home directory are actually web folder under apache htdocs having apache permission. I don't need sftp but ssh access. Is it really impossible to have this feature through ssh technology ? > > Thanks > - -- Benny Helms Unix SysAdmin Montana Interactive, LLC Office: 406-449-3468 Ext 230 Mobile: 406-431-5927 benny@xxxxxxxxxx Registered Linux user #287649 at http://counter.li.org CONFIDENTIALITY NOTICE: This email and any attachments are confidential. If you are not the intended recipient, you do not have permission to disclose, copy, distribute, or open any attachments. If you have received this email in error, please notify us immediately by returning it to the sender and delete this copy from your system. Thank you. MT.gov / Montana Interactive -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJJ71ICAAoJEI4JEV90z/PryDEP/jI7CXpy6wUKcfrIGtjPnqcE 7zFCBiUvgP9r5qbtV37JYxllb63V6WsjK557iIXY2s2AG/UJH+/1+B5WbDAz3Z3l 0eQ4XNFc9lYgtDIkuRZjfAbB4H0yIgtairyUe57jm1p+ER9LynoD2klobgj+SHjN gHhXJmDTeEgCaDnGFe4DavL7WrYeyLEKxS0Dbqt58aXPD54OiGRbrZNKlsIDGnZp QSI7phOT7yQ3laU8MF0S07d4f7qm+2GwBeZjTklycaGg5gVGripQtsLtjwEeqMU8 8vwq56TWVo7pWbnPgEXqfYtGtWfRaisZn/q0I0vheOj2gb7OSKwqRzerklXU9Mi4 /TQVvJy9YG6bZPJzOjMaWPEP+kM75Uq45AqqCRGpLh2sF/eP4jsFHjbHthLWzRY3 fEHqi0mVyTK1D+0++yopb9QGSmSsnoAn+SBFVwLJdhz7e3La3Yw9x9fvEptm/KvI cQcBSmnrnKzKSSC6oVfXDAOMzoZQedP8STalcm+WepdyNitWOwiUvyh0s/cXDT2x ohgYosZbRZuVs8PQ2b5Y94v9CvuzONodI4f3dz1cM0Jwd8bswKBUqZJkbwfdMqt3 YBrhH6CFoF0Kck4pVIr9TEpT1GMrngOLOF0wDuHOWEh//2UwWwYKy541Ilz2QE+s i6kXJLKEENivE2eVwqkm =9d/u -----END PGP SIGNATURE-----