Allowing an user to only access a folder (SSH)

Got problems with your B2 or B3? Share and get helped!
Post Reply
romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Allowing an user to only access a folder (SSH)

Post by romtoc » 03 Sep 2011, 16:51

Hello,
I need to create a user on my B3 box and I want to restrict his access to only one folder.

Can this be done? If yes, how?
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/

Cheeseboy
Posts: 789
Joined: 08 Apr 2007, 12:16

Re: Allowing an user to only access a folder (SSH)

Post by Cheeseboy » 03 Sep 2011, 20:28

Hi romtoc,

What do you mean with "access"?
You can control Read, Write, and Execute permissions...

romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Re: Allowing an user to only access a folder (SSH)

Post by romtoc » 04 Sep 2011, 04:13

Hello Cheeseboy,
Thanks for your reply.

By "access", I meant the user can only read/write and execute files in a directory.
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/

Gordon
Posts: 1356
Joined: 10 Aug 2011, 03:18

Re: Allowing an user to only access a folder (SSH)

Post by Gordon » 04 Sep 2011, 05:22

Probably your best bet would be to create a wrapper script and assign that to be the users shell. Something like...

Code: Select all

#!/bin/bash
while read command params; do
  if [ ! -z `echo grep -e "^"$command"$" /some_location/allowed_commands.lst`]; then
    eval $command $params
  fi
done

Ubi
Posts: 1547
Joined: 17 Jul 2007, 09:01

Re: Allowing an user to only access a folder (SSH)

Post by Ubi » 04 Sep 2011, 07:01

Indeed, you cannot fully restrict SSH read/write to a certain folder without restricting the possible command list this user can execute.
I suppose what might work is setting low quota on the root dir for this user to prevent writing, but it's a dirty trick and he'll probably experience crashes from commands that want to write some temp stuff.

A more sophisticated method is presented here: http://www.jmcresearch.com/projects/jail/

romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Re: Allowing an user to only access a folder (SSH)

Post by romtoc » 06 Sep 2011, 07:18

Ok, thanks for your help.
I found a simple method... a web file-manager...
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/

RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Allowing an user to only access a folder (SSH)

Post by RandomUsername » 06 Sep 2011, 07:43

romtoc wrote:Ok, thanks for your help.
I found a simple method... a web file-manager...
But the Bubba already has one! :S

romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Re: Allowing an user to only access a folder (SSH)

Post by romtoc » 11 Sep 2011, 12:18

I used a more advanced one where I can change the permissions.
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/

Post Reply