From owner-freebsd-questions@FreeBSD.ORG Wed Mar 30 21:02:49 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8095016A4CE for ; Wed, 30 Mar 2005 21:02:49 +0000 (GMT) Received: from mtiwmhc11.worldnet.att.net (mtiwmhc11.worldnet.att.net [204.127.131.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01BE043D4C for ; Wed, 30 Mar 2005 21:02:49 +0000 (GMT) (envelope-from dwinner-lists@att.net) Received: from [10.10.100.96] (unknown[216.113.237.29]) by worldnet.att.net (mtiwmhc11) with ESMTP id <200503302102461110013h5re>; Wed, 30 Mar 2005 21:02:46 +0000 Message-ID: <424B13EF.6050400@att.net> Date: Wed, 30 Mar 2005 16:02:39 -0500 From: Duane Winner User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050330) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: ssh - restricted shell X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Mar 2005 21:02:49 -0000 Hello, Does anybody know the best technique to accomplish this: We have a server that we use for mostly internal development, and run an SSH server. We have an outsider who we want to allow to ssh into this server and do some work. However, because he is an outsider, we don't want him roaming around our server, moving, looking, doing, or anything outside of his own home directory. How can I restrict him to his own home directory? I thought I ran into instructions once for doing this, but I can't find anything right now. Or was I thinking of scponly ? That might do it, except we do need to set him up to to run some scripts within his home directory after he uploads stuff via scp. Thanks, DW