I am using ssh & sftp now, and FileZilla is handling sftp quite well (http://sourceforge.net/projects/filezilla/) however, the users can just keep going up the chain, I want to ensure that a user can never go beyond their home directory. Hence the chroot jail approach. Is there another way to restrict sftp access to a home directory? In addition, is their a way I can allow sftp access, but not shell access (as all but about three of the remote users will ever need shell access) Quoting "der.hans" : > Am 26. Aug, 2005 schwätzte Bryan.ONeal@asu.edu so: > > > Ok at this point I am willing to do anything, including wiping out my > OS and > > starting from scratch. > > > > I need a way for users to access my box in a secure manor and upload / > download > > files. But I also need to ensure that those users can never navigate > above > > their home directory (I will have several users set to the same > home) > > > > I can not get chroot to work for the life of me! > > It's a good idea, but it's not necessary. > > I'd suggest looking into a restricted shell. For instance, there's rbash > ( > look for it in the bash man page ). > > I'm worried about one part, though. > > ### > When a command that is found to be a shell script is executed > (see > COM†> MAND EXECUTION above), rbash turns off any restrictions in > the > shell > spawned to execute the script. > ### > > So you just need to be able to write shell scripts to get around the > restrictions? > > Hopefull sftp can be configured to do what you're wanting. > > apt-cache search for filezilla returns nothing, so I don't know if > FileZilla can handle sftp. At least a few GUIs can. > > ciao, > > der.hans > -- > # https://www.LuftHans.com/ http://www.AZOTO.org/ > # "Communications without intelligence is noise; > # Intelligence without communications is irrelevant." > # Gen. Alfred. M. Gray, USMC > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change you mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss