LinHES Forums http://forums.linhes.org/ |
|
creating new users and limiting their access? http://forums.linhes.org/viewtopic.php?f=5&t=18447 |
Page 1 of 1 |
Author: | neutron68 [ Wed Jul 02, 2008 4:32 pm ] |
Post subject: | creating new users and limiting their access? |
Since my mythtv computer is the closest thing I have to an FTP server running in the house, I have created an account for a friend and plan to put files in the /home/friend folder for them to retrieve. Because this user is a novice Windows user and I have no hope of them being able to figure out SSH and Linux command lines, I plan to have them use WinSCP to get to the /home/friend directory. I found this page on how to make a new user account and created a friend account with password: http://oreilly.com/catalog/debian/chapt ... 07_01.html By default, I believe they have read/write access to their /home/friend directory. I wonder if I can limit this friend account so they can't read, write or delete files outside their /home/friend directory - thus protecting the rest of my Mythbox? Eric |
Author: | slowtolearn [ Wed Jul 02, 2008 7:45 pm ] |
Post subject: | |
I don't know which FTP server you are using (I believe KM installs wuftp, not sure), but what you are looking for is referred to as "jail". A Google for <FTP server> jail users should get you what you are looking for, perhaps this one helps? |
Author: | cliffsjunk [ Wed Jul 02, 2008 8:23 pm ] |
Post subject: | Re: creating new users and limiting their access? |
neutron68 wrote: I plan to have them use WinSCP to get to the /home/friend directory. I think you will find that they can just use Internet Explorer with your url like this: Quote: ftp://123.123.123.123 and enter their user and password when prompted.... or use a urlwith embedded username and password like this: Quote: ftp://user:password@123.123.123.123 You could even set them up a desktop link that runs iexplore on that url.
You should find that the username they use sends them directly into their home directory. Cliff |
Author: | neutron68 [ Thu Jul 03, 2008 7:52 am ] |
Post subject: | SSH, actually |
Thanks for the responses. I think I led you astray by saying ftp. I'm not actually going to load an ftp server, but use SSH for the access and have the friend use WinSCP to access the SSH. After they are into the machine, I simply want to keep them from bumbling around and deleting files, etc. I'm still not sure how I can limit their access to various directories. Eric |
Author: | slowtolearn [ Thu Jul 03, 2008 9:14 am ] |
Post subject: | Re: SSH, actually |
neutron68 wrote: Thanks for the responses. I think I led you astray by saying ftp. I'm not actually going to load an ftp server, but use SSH for the access and have the friend use WinSCP to access the SSH. Same concept (jailed), see http://www.linux.com/articles/61387 for example.
After they are into the machine, I simply want to keep them from bumbling around and deleting files, etc. I'm still not sure how I can limit their access to various directories. Eric |
Author: | neutron68 [ Fri Jul 04, 2008 11:48 am ] |
Post subject: | Re: SSH, actually |
slowtolearn wrote: Same concept (jailed), see http://www.linux.com/articles/61387 for example.
The article mentions starting with OpenSSH and adding the SSHJail patch to it. Is OpenSSH the version of SSH that is built into Knoppmyth R5F27 already? (so I don't need to download and compile OpenSSH?) |
Author: | cecil [ Sat Jul 05, 2008 5:30 pm ] |
Post subject: | |
Yes, OpenSSH is included by default. |
Page 1 of 1 | All times are UTC - 6 hours |
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |