From owner-freebsd-questions@FreeBSD.ORG Mon Nov 24 07:31:03 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 77C4316A4CF for ; Mon, 24 Nov 2003 07:31:03 -0800 (PST) Received: from c009.snv.cp.net (h018.c009.snv.cp.net [209.228.34.131]) by mx1.FreeBSD.org (Postfix) with SMTP id C5F6443FDD for ; Mon, 24 Nov 2003 07:31:01 -0800 (PST) (envelope-from shrikant@corp.123india.com) Received: (cpmta 29400 invoked from network); 24 Nov 2003 07:31:00 -0800 Received: from 209.228.34.119 (HELO mail.corp.123india.com.criticalpath.net) by smtp.corp.123india.com (209.228.34.131) with SMTP; 24 Nov 2003 07:31:00 -0800 X-Sent: 24 Nov 2003 15:31:00 GMT Received: from [203.115.113.14] by mail.corp.123india.com with HTTP; Mon, 24 Nov 2003 07:31:00 -0800 (PST) Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 To: freebsd-questions@FreeBSD.ORG From: shrikant@corp.123india.com X-Sent-From: shrikant@corp.123india.com Date: Mon, 24 Nov 2003 07:31:00 -0800 (PST) X-Mailer: Web Mail 5.5.0-3_sol28 Message-Id: <20031124073100.22701.h006.c009.wm@mail.corp.123india.com.criticalpath.net> cc: freebsd-questions@FreeBSD.ORG Subject: Re: Restricting SSH access to only a users home directory..... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Nov 2003 15:31:03 -0000 Hello, Here is a method whihc i followed , http://www.tjw.org/chroot-login-HOWTO/ This one is for linux I made the dummy structure for the user as per freeBSD architect but all atlast gave me an error "su: /bin/userchroot: No such file or directory" when i tired to login by that user Shri On 24 Nov 2003 09:20:21 -0500, Lowell Gilbert wrote: > > "Sunil Sunder Raj" writes: > > > This depends on the shell not ssh configuration. Install rbash and > > assign it to the user having ssh access. > > Just remember that "restricted" shells like rbash are not very hard to > break out of, so you can't rely on them as a security measure. It's a > good way to go if you're mostly trying to avoid confusing the user in > question, or as a protection against shooting yourself in the foot.