security « High Tech Sorcery

Tag: security

Setting up a user with only scp and sftp access

by specialj on Jan.19, 2010, under Sysadmin

In the olden days one had to use packages such as scponly and rssh in order to restrict a user account to just being able to use scp and sftp. Now that functionality is built into OpenSSH. A client wanted me to setup such an account for 1 user on a system. I modified sshd_config like this:

Match user username
  ChrootDirectory /home/%u
  ForceCommand internal-sftp
  X11Forwarding no
  AllowTcpForwarding no

Note that this only works in Ubuntu 8.10 and later and Debian 5.0 and later. Also, be aware that the home directry has to be owned by root and not writable by the user for security reason. So a directory inside the home directory will need to be created for the user to upload any files.

(continue reading…)

Leave a Comment :chroot, debian, security, ssh, sshd, ubuntu more...

Hi! Welcome to High Tech Sorcery!
Thanks for dropping by! Feel free to join the discussion by leaving comments, and stay updated by subscribing to the RSS feed. See ya around!

Categories
Tags
bcdedit cache chroot debian drivers gplpv howto opensuse pygrub rack rails rails 3.1 rdp security ssh sshd ubuntu windows xen
Recent Posts
Meta
Archives
- May 2012
- January 2012
- December 2011
- November 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010

High Tech Sorcery

Tag: security

Setting up a user with only scp and sftp access

Hi! Welcome to High Tech Sorcery!

Categories

Recent Posts

Meta

Archives

Looking for something?

Blogroll

Archives

High Tech Sorcery

Tag: security

Setting up a user with only scp and sftp access

Hi! Welcome to High Tech Sorcery!

Categories

Tags

Recent Posts

Meta

Archives

Looking for something?

Blogroll

Archives