View unanswered posts    View active topics

All times are UTC - 6 hours





Post new topic Reply to topic  [ 7 posts ] 
Print view Previous topic   Next topic  
Author Message
Search for:
PostPosted: Wed Jul 02, 2008 4:32 pm 
Offline
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location: Minneapolis, MN
Since my mythtv computer is the closest thing I have to an FTP server running in the house, I have created an account for a friend and plan to put files in the /home/friend folder for them to retrieve.

Because this user is a novice Windows user and I have no hope of them being able to figure out SSH and Linux command lines, I plan to have them use WinSCP to get to the /home/friend directory.

I found this page on how to make a new user account and created a friend account with password:
http://oreilly.com/catalog/debian/chapt ... 07_01.html

By default, I believe they have read/write access to their /home/friend directory. I wonder if I can limit this friend account so they can't read, write or delete files outside their /home/friend directory - thus protecting the rest of my Mythbox?

Eric

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 02, 2008 7:45 pm 
Offline
Joined: Wed Nov 16, 2005 8:55 pm
Posts: 1381
Location: Farmington, MI USA
I don't know which FTP server you are using (I believe KM installs wuftp, not sure), but what you are looking for is referred to as "jail". A Google for <FTP server> jail users should get you what you are looking for, perhaps this one helps?


Top
 Profile  
 
PostPosted: Wed Jul 02, 2008 8:23 pm 
Offline
Joined: Fri Sep 15, 2006 12:16 pm
Posts: 292
neutron68 wrote:
I plan to have them use WinSCP to get to the /home/friend directory.


I think you will find that they can just use Internet Explorer with your
url like this:
Quote:
ftp://123.123.123.123
and enter their user and password when prompted.... or use a url
with embedded username and password like this:
Quote:
ftp://user:password@123.123.123.123
You could even set them up a desktop link that runs iexplore on that url.

You should find that the username they use sends them directly into
their home directory.

Cliff


Top
 Profile  
 
 Post subject: SSH, actually
PostPosted: Thu Jul 03, 2008 7:52 am 
Offline
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location: Minneapolis, MN
Thanks for the responses. I think I led you astray by saying ftp. I'm not actually going to load an ftp server, but use SSH for the access and have the friend use WinSCP to access the SSH.

After they are into the machine, I simply want to keep them from bumbling around and deleting files, etc.

I'm still not sure how I can limit their access to various directories.

Eric

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner


Top
 Profile  
 
 Post subject: Re: SSH, actually
PostPosted: Thu Jul 03, 2008 9:14 am 
Offline
Joined: Wed Nov 16, 2005 8:55 pm
Posts: 1381
Location: Farmington, MI USA
neutron68 wrote:
Thanks for the responses. I think I led you astray by saying ftp. I'm not actually going to load an ftp server, but use SSH for the access and have the friend use WinSCP to access the SSH.

After they are into the machine, I simply want to keep them from bumbling around and deleting files, etc.

I'm still not sure how I can limit their access to various directories.

Eric
Same concept (jailed), see http://www.linux.com/articles/61387 for example.


Top
 Profile  
 
 Post subject: Re: SSH, actually
PostPosted: Fri Jul 04, 2008 11:48 am 
Offline
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location: Minneapolis, MN
slowtolearn wrote:
Same concept (jailed), see http://www.linux.com/articles/61387 for example.

The article mentions starting with OpenSSH and adding the SSHJail patch to it.
Is OpenSSH the version of SSH that is built into Knoppmyth R5F27 already? (so I don't need to download and compile OpenSSH?)

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner


Top
 Profile  
 
 Post subject:
PostPosted: Sat Jul 05, 2008 5:30 pm 
Offline
Site Admin
Joined: Fri Sep 19, 2003 6:37 pm
Posts: 2657
Location: Whittier, Ca
Yes, OpenSSH is included by default.


Top
 Profile  
 

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 7 posts ] 


All times are UTC - 6 hours




Who is online

Users browsing this forum: Bing [Bot] and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group

Theme Created By ceyhansuyu