[TriLUG] chroot: SFTP user setup
John Wheeler
jwheeler at etherealfringe.com
Wed Jun 20 20:50:48 EDT 2007
Hey guys,
Im managing an FC 7 webserver for a project that needs multiple web
developers to have access to the webroot.
I need to create their accounts on the server to meet the following
criteria:
the easy ones:
SFTP connection for file transfer (i will not run a regular FTP server)
group based access to webroot and files / sub-directories
initial path set to our common webroot
and the kickers:
ability to deny normal shell access for SOME of the accounts
chroot - the accounts can have NO access to any directory except the
webroot
I have played around all evening looking for proper methods but
turned up little until i saw the following write-up:
http://www.minstrel.org.uk/papers/sftp/
I am about ready to go this route but thought I'd toss it out to the
list and see if anyone might have solved this another way?
I could live with a solution that did not provide for denying shell
access to some of the accounts... but I really MUST limit the read
access for the rest of the filesystem.
Any ideas, suggestions, or even completely different approaches would
be very welcome.
John Wheeler
Ethereal Fringe Designs
jwheeler at etherealfringe.com
336.255.8004
More information about the TriLUG
mailing list