New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !

Allowing an user to only access a folder (SSH)

Got problems with your B2 or B3? Share and get helped!
Post Reply
romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Allowing an user to only access a folder (SSH)

Post by romtoc »

Hello,
I need to create a user on my B3 box and I want to restrict his access to only one folder.

Can this be done? If yes, how?
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/
Cheeseboy
Posts: 789
Joined: 08 Apr 2007, 12:16

Re: Allowing an user to only access a folder (SSH)

Post by Cheeseboy »

Hi romtoc,

What do you mean with "access"?
You can control Read, Write, and Execute permissions...
romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Re: Allowing an user to only access a folder (SSH)

Post by romtoc »

Hello Cheeseboy,
Thanks for your reply.

By "access", I meant the user can only read/write and execute files in a directory.
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/
Gordon
Posts: 1461
Joined: 10 Aug 2011, 03:18

Re: Allowing an user to only access a folder (SSH)

Post by Gordon »

Probably your best bet would be to create a wrapper script and assign that to be the users shell. Something like...

Code: Select all

#!/bin/bash
while read command params; do
  if [ ! -z `echo grep -e "^"$command"$" /some_location/allowed_commands.lst`]; then
    eval $command $params
  fi
done
Ubi
Posts: 1549
Joined: 17 Jul 2007, 09:01

Re: Allowing an user to only access a folder (SSH)

Post by Ubi »

Indeed, you cannot fully restrict SSH read/write to a certain folder without restricting the possible command list this user can execute.
I suppose what might work is setting low quota on the root dir for this user to prevent writing, but it's a dirty trick and he'll probably experience crashes from commands that want to write some temp stuff.

A more sophisticated method is presented here: http://www.jmcresearch.com/projects/jail/
romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Re: Allowing an user to only access a folder (SSH)

Post by romtoc »

Ok, thanks for your help.
I found a simple method... a web file-manager...
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/
RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Allowing an user to only access a folder (SSH)

Post by RandomUsername »

romtoc wrote:Ok, thanks for your help.
I found a simple method... a web file-manager...
But the Bubba already has one! :S
romtoc
Posts: 19
Joined: 21 Jun 2011, 04:18

Re: Allowing an user to only access a folder (SSH)

Post by romtoc »

I used a more advanced one where I can change the permissions.
Many thanks,
Matei Cristian Dumitru
http://www.romtoc.net/
Post Reply