From owner-freebsd-questions@FreeBSD.ORG Wed Apr 11 08:22:23 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B411916A400 for ; Wed, 11 Apr 2007 08:22:23 +0000 (UTC) (envelope-from nagylzs@freemail.hu) Received: from smtp.enternet.hu (smtp.enternet.hu [62.112.192.21]) by mx1.freebsd.org (Postfix) with ESMTP id 7401413C45E for ; Wed, 11 Apr 2007 08:22:23 +0000 (UTC) (envelope-from nagylzs@freemail.hu) Received: from [62.68.177.164] (helo=[172.16.0.43]) by smtp.enternet.hu with esmtpa (Exim 4) id 1HbY5r-0003Ir-F7; Wed, 11 Apr 2007 10:22:19 +0200 Message-ID: <461C9ABB.70005@freemail.hu> Date: Wed, 11 Apr 2007 10:22:19 +0200 From: =?ISO-8859-1?Q?Nagy_L=E1szl=F3_Zsolt?= User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: L33T Networks , freebsd-questions@freebsd.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: Locking SSH Users to $HOME X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Apr 2007 08:22:23 -0000 L33T Networks wrote: > Using the SSHD server, how can I lock users SSH'ing into a box into their > home directory, without having access to the /usr/home directory as a whole? > You might setup 700 rights for the home directories, then the users won't see each other's files. Is it what you want? If you want to hide all directories, except their homes, then you are in trouble. There are some essential files needed to run a "shell". I'm not sure, but you might be able to use a special shell that does chroot and makes / the home directory? If you do not want them to run programs, just access their files over SSH/SCP, then the "scponlyc" port can be a good solution for you. Best, Laszlo