1

Today i did give acces to SSH to my friend,and i want hem only to shay in folders that he is owning.So that is his home folder.

So,how can i make sure that he will only have acces to that folder? I did try using rbash,but he cant cd to his own folders.Can someone help?

fhntv24
  • 133
  • 1
  • 4

2 Answers2

3

This is probably more complex than some people realize. The reason is that you need to allow access to some binaries, for the jailed users to be able to do anything. Otherwise the user will be unable even to move back and forth between his own directories, to list and edit his own files, and so on.

There is a truly minimal, and simple solution on AskUbuntu, here. It is elegant and effective, and takes advantage of apparmor's profiles.

If this is too minimal, you may try googling ssh chroot jail. You will discover very many different solutions. This site provides a script that will do most (not all) of the work for you.

Community
  • 1
MariusMatutiae
  • 46,990
  • 12
  • 80
  • 129
  • then just block all folders that not "linux" folders? Why not,there is only one of them(that i need to block) – fhntv24 Feb 18 '14 at 18:12
  • @fhntv24 What are "linux" folders? – MariusMatutiae Feb 18 '14 at 18:15
  • folders,that if they dont exists,you wont able to login? – fhntv24 Feb 18 '14 at 18:16
  • About minimal link you shared. It seems that the solution does not work anymore on latest ubuntu version: I have done `sudo su - testuser` but nothing happens. What should I do? And `sudo -su testuser` opens at under jail user directory but I can still see others' directory. @MariusMatutiae – alper May 11 '18 at 14:51
1

I know this question is old but this helped me.

chmod o-x /home/*

run the above command from sudo and it will limit a user to its own home dir.

scottydelta
  • 1,377
  • 1
  • 8
  • 5