Thanks alot for this. At least knowing the Jailkit limitations helps me to decide if there is another way to do things for this solution.
thanks so much for your time.
Tom
2008/8/1 Olivier Sessink
<address@hidden>
Thomas Jreige wrote:
Hi Everyone,
I am using Jailkit to lock down SCP and SFTP. I have followed the instructions on the Jailkit site in order to do this. One thing I am having trouble with is locking users to their home directory.
/home/sftproot is being used as the jail.
/home/sftroot/./home/test WHen test logs in using SFTP want to restrict that user to this directory only. I dont want them to move to the lower directoris like /./etc as the /./etc/group file can be downloaded now as we speak.
Is there a fix for this?
Jailkit can only do chroot jail tricks, it cannot change the applications you run inside the jails. So if the sftp server cannot do this, jailkit will not change that.
You may, however, put every user inside their own jail. That is effectively the same as restricting them to their own homedir.
Another thing you might want to look at, is to change permissions on /home. I always forget how to change them such that you can go into your own home directory but you cannot list other dirs.
regards,
Olivier
_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users
--
Thomas Jreige
address@hidden