Vote

Open SSH helps you to realize a restricted access because it can be useful to prevent a user from attaching system folders other than your personal folder.

OpenSSH

OpenSSH includes the function ChrootDirectory since OpenSSH 4.9 version, the following command can install OpenSSH if it is not already integrated to your system :

Please take into account that the following modifications allow the user to a restricted access in the assigned SFTP folder and deprives him of his right to connection in SSH


User rights

Now we can :
– create a group for restricted users,
– create our restricted user,
– change the configuration of his home folder (it must belong to root to be chrooted) and its content :


Chroot configuration

All there’s left is to configure OpenSSH by editing its configuration file /etc/ssh/sshd_config :

Definition of the group to whom restriction is applied.

Definition of the restriction file, that is the home folder of each concerned users.

Disable X11Forwarding.

Disable TCPForwarding.

The service must be restarted :

It may be useful to disable the restriction for a particular user via the following configuration :


Categories: SystemTutorials

Related Posts

System

Installation of a web server LEMP (Linux, Nginx, MySQL, PHP)

Vote The installation of a server LEMP Linux + Nginx + MySQL + PHP might be more useful and efficient than an Apache (server LAMP). Articles similaires

System

Operating load-balancing with HAproxy

Vote HAproxy is a software allowing Load-Balancing between several web servers by allocating requests in an almost transparent way for the user. Articles similaires

System

10 tips to write efficient scripts on Linux

Vote The shell script is the most simple type of programming you would write on Linux. Moreover, it is a necessary skill to automate your system administration tasks, to develop new simple features, … In Read more…