[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] RaQ4 and Raq550 , restrict telnet and/or ssh logins to ONLY their own site folder ?

Subject: RE: [cobalt-users] RaQ4 and Raq550 , restrict telnet and/or ssh logins to ONLY their own site folder ?
From: "Mike's List" <mikelist@xxxxxxx>
Date: Fri Jan 24 16:38:07 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

It can be done with restricted shell, I'm not sure what raq550 contains.
But you can search at redhat.com or the linux howtos, restricted shell
will put users just in their directory and gives you control of what
command they can execute, etc.

You can search at http://www.tldp.org/ or www.google.com to see if there's
any good linux docs on this.  (ie. instead of /bin/bash or /bin/csh, you'll
have /bin/rsh or /bin/yourshell)


- Mike

-----								-----

 "Those willing to give up a little liberty for a little security
  deserve neither security nor liberty."
                                             -- Benjamin Franklin

On Fri, 24 Jan 2003, Mike Sisson wrote:

> okay, even if it is not easy, it can be done ?
> 
> what would the steps be (in newbie terms and full step by step details) ?
> 
> 
> -----Original Message-----
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Bruce Timberlake
> Sent: Friday, January 24, 2003 12:56 PM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-users] RaQ4 and Raq550 , restrict telnet and/or ssh
> logins to ONLY their own site folder ?
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> > Is there an easy way to configure a RaQ4 and RaQ550 server so that
> > users who need to login via Telnet or SSH are restricted to their
> > site folder and not allowed to navigate outside of that folder ?
> 
> No. It requires setting up a chroot ("jail") environment, and that's 
> not "easy" to do on a RaQ.
> 
> > The FTP seems to already accomplish this restriction as it will not
> > allow a user to navigate out further than the site345 folder...
> 
> ...since all FTP commands come through a central app...
> 
> - -- 
> Bruce Timberlake
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> 
> iD8DBQE+MZpgvLA2hUZ9kgwRAqQEAJ45QvPCazI9JdX6JHHGupjI5e7R5QCfWq3+
> l1jyDHcDjCUkEUK++dScvno=
> =FVPK
> -----END PGP SIGNATURE-----
> 
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
> 
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Follow-Ups:
- Re: [cobalt-users] RaQ4 and Raq550 , restrict telnet and/or ssh logins to ONLY their own site folder ?
  - From: Bruce Timberlake

References:
- RE: [cobalt-users] RaQ4 and Raq550 , restrict telnet and/or ssh logins to ONLY their own site folder ?
  - From: Mike Sisson

Prev by Date: Re: [cobalt-users] disk integrity problem after patch
Next by Date: Re: [cobalt-users] disk integrity problem after patch
Previous by thread: Re: [cobalt-users] [RaQ 4/550] chroot shell environment
Next by thread: Re: [cobalt-users] RaQ4 and Raq550 , restrict telnet and/or ssh logins to ONLY their own site folder ?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index