From owner-freebsd-questions Fri Jan 31 11:20:36 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB9A937B401 for ; Fri, 31 Jan 2003 11:20:34 -0800 (PST) Received: from pa-plum1b-166.pit.adelphia.net (pa-plum1b-166.pit.adelphia.net [24.53.161.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id B78AC43F75 for ; Fri, 31 Jan 2003 11:20:33 -0800 (PST) (envelope-from wmoran@potentialtech.com) Received: from potentialtech.com ([172.16.0.95]) by pa-plum1b-166.pit.adelphia.net (8.12.3/8.12.3) with ESMTP id h0VJLxT5001824; Fri, 31 Jan 2003 14:22:00 -0500 (EST) (envelope-from wmoran@potentialtech.com) Message-ID: <3E3ACC2D.5020506@potentialtech.com> Date: Fri, 31 Jan 2003 14:19:09 -0500 From: Bill Moran User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20021127 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jay Sern Liew Cc: freebsd-questions@freebsd.org Subject: Re: restricting user's directory listing and changing References: <1044035168.3e3ab660cc8d5@horde-send.sendtech.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Jay Sern Liew wrote: > Greetings. > > Basically, I have this group of users, that I give SSH/SFTP access, but I > don't want them to be able to see the complete file hierarchy and ``cd'' to > them. I just want a user to be able to access the user's home, and that's it Look at the docs on the chroot command, this is what you want (I think) I'm not 100% sure how to make sshd do a chroot when you log in, but I'd be real surprised if it's terribly difficult to do. > Has anyone wanted to do this before? Absolutely, this is very common. > I was thinking, or maybe I > could redirect that group of users to use a different version of the command > ``cd'' and ``ls'' so that it will only work within their home directories. You could, but that's probably a more difficult solution. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message