From owner-freebsd-questions@FreeBSD.ORG Thu Mar 31 01:52:14 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DD1916A4CE for ; Thu, 31 Mar 2005 01:52:14 +0000 (GMT) Received: from juansanchez.net (juansanchez.net [64.81.240.253]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0455343D41 for ; Thu, 31 Mar 2005 01:52:14 +0000 (GMT) (envelope-from jsanchez@juansanchez.net) Received: from juansanchez.net (localhost.net [127.0.0.1]) by juansanchez.net (8.13.1/8.13.1) with ESMTP id j2V1q3F3027102; Wed, 30 Mar 2005 17:52:05 -0800 (PST) (envelope-from jsanchez@juansanchez.net) Received: from localhost (jsanchez@localhost)j2V1q08k027099; Wed, 30 Mar 2005 17:52:02 -0800 (PST) (envelope-from jsanchez@juansanchez.net) Date: Wed, 30 Mar 2005 17:51:59 -0800 (PST) From: Juan Sanchez To: Duane Winner In-Reply-To: <424B13EF.6050400@att.net> Message-ID: <20050330174900.P27079@juansanchez.net> References: <424B13EF.6050400@att.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed cc: freebsd-questions@freebsd.org Subject: Re: ssh - restricted shell X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Mar 2005 01:52:14 -0000 Couldn't you put everyone else into the same group, except for the outsider? Then you could make secret directories -rwx. Directories without execute permission cannot be listed. Regards, Juan On Wed, 30 Mar 2005, Duane Winner wrote: > Hello, > > Does anybody know the best technique to accomplish this: > > We have a server that we use for mostly internal development, and run an SSH > server. > > We have an outsider who we want to allow to ssh into this server and do some > work. > > However, because he is an outsider, we don't want him roaming around our > server, moving, looking, doing, or anything outside of his own home > directory. > > How can I restrict him to his own home directory? > > I thought I ran into instructions once for doing this, but I can't find > anything right now. > > Or was I thinking of scponly ? > > That might do it, except we do need to set him up to to run some scripts > within his home directory after he uploads stuff via scp. > > Thanks, > DW > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >