Hi Kerry, Thanks. I had read a similar article, that and the fact that I have done chroot sftp before got me to where I was. My issue was that I needed one user to be able to access two different web roots in the chroot. The article you referenced gave me the solution, bind mounts, I haven't tried it beyound testing but in testing it did work. Thanks much. Dave. On 10/14/12, Kerry Hoath <kerry@ciscovision.org> wrote:
Wow 2 seconds on google searching for set up ssh chroot jail tutorial gave me this:
http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/
It'll do what you want with modifications.
On 14/10/2012 12:39 PM, David Mehler wrote:
Hello,
I've got a Linux Admin question. I'm running a server and want to allow a user to manage a pair of web sites. Previously this was done with ftp, specifically pure-ftpd server. I want to get away from ftp finally.
My standard users connect to the box via ssh. I have disabled password authentication for ssh in favor of public key authentication.
My first chalenge is I don't want this user to be able to access the filesystem when connected. I was thinking a sftp chroot. He uses Dreamweaver MX2004 to do his web sites, I should mention there are two of them located in /srv/site1/public_html and /srv/site2/public_html for ilustrative purposes. He also doesn't have a public/private key and I wouldn't want him to have one.
That issue was easy, I did a Match Group in sshd and in that block enabled password authentication. As that user I have connected and it does work, a public key is not needed to connect.
The second issue sftp chroot is proving to be a problem. I've got the two site locations and neither sym links nor hard links will work.
This is where I'm stuck. If anyone has any ideas I'd appreciate them.
Thanks. Dave.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins