[scponly] how to make user go to incoming directory after long // in passwd does not work
gui at function.com
gui at function.com
Sat Feb 10 00:30:38 EST 2007
okay, managed to get the // in /etc/passwd working
my mistake - the directory after // should be the sub-directory and
not full path.
but is there a way to prevent the user from doing a cd ../ ?
That is, the user cannot go higher than the incoming directory-
sort of a chroot within a chroot?
thanks
Quoting gui <gui at function.com>:
> Hi All
>
> I installed scponly on a Freebsd system for use with sftp-server, and it
> is working fine.
>
> I've read the mailing lists but cannot find a way to hide the chrooted
> subfolders, i.e., bin, etc, lib, libexec and usr folders from the the user?
>
> I've also tried putting the // in the /etc/passwd file, but still cannot
> make the user
> go into the incoming folder immediately after he has logged on?
> (
> entry in /etc/passwd == test6:*:2023:2023:User
> &:/home/test6//home/test6/incoming:/usr/local/sbin/scponlyc
> where /home/test6 is the chrooted folder containing bin, etc, lib,
> libexect, etc.
> and /home/test6/incoming is the folder user will be directed to after
> login.
> )
>
>
> Is there something like Freebsd's /etc/ftpchroot file for this -
> so that after loggin in , the user will not just go to the incoming folder
> but he also cannot get out of it?
> (there is a Freebsd sftp-server patch to create the sftpchroot feature but
> I cannot get it to work).
>
>
>
> Thank you very much in anticipation.
>
> Gui
>
>
>
> This is my psftp screen output.
> How to hide the bin, etc, lib, libexec and usr folders?
> How to make incoming the folder that test6 user goes into after login
> and he cannot come out of it ?
>
> psftp: no hostname specified; use "open host.name" to connect
> psftp> open 192.168.3.5
> login as: test6
> Using keyboard-interactive authentication.
> Password:
> Remote working directory is /
> psftp> ls
> Listing directory /
> drwxr-xr-x 8 0 0 512 Feb 9 21:16 .
> drwxr-xr-x 8 0 0 512 Feb 9 21:16 ..
> drwxr-xr-x 2 0 0 512 Feb 9 21:14 bin
> drwxr-xr-x 2 0 0 512 Feb 9 21:15 etc
> drwxr-xr-x 2 test6 2004 512 Feb 9 21:45 incoming
> drwxr-xr-x 2 0 0 512 Feb 9 21:15 lib
> drwxr-xr-x 2 0 0 512 Feb 9 21:15 libexec
> drwxr-xr-x 6 0 0 512 Feb 9 21:15 usr
> psftp>
>
>
>
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the scponly
mailing list