By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
464,360 Members | 1,382 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 464,360 IT Pros & Developers. It's quick & easy.

Create a very limited user (access to one folder only)

dlite922
Expert 100+
P: 1,584
I'm creating a batch file to be run on scheduled task on windows that sftp's a file using winscp to a linux machine.

The password is saved in this bat file for all to see, so i need to create a user on the Linux machine that can't do anything but have write access to 1 folder.

I don't want you to walk me through it from A to Z, but after I created the user, how do I do things like:

- cannot log into server using command line (SSH), if possible.
- make sure only one folder is allowed to access via sftp, and nothing else, not even home directory. can I eliminate home directory?


I might consider the home directory "be" the one folder that they have access to, if that's easier.

Also any pointers on how I can only allow txt file to be sent, no exe, pl, etc extensions allowed?

thanks guys,







Dan
Aug 22 '08 #1
Share this Question
Share on Google+
2 Replies

P: 1
The standard way to confine sessions is through the 'chroot' call.
google for 'chroot jail sftp' and you'll find lots of step by step guides.

The 'extension' of a file has no meaning on the linux box and is just part of the name, I'm not aware of a simple mechanism to outlaw certain names.
Aug 24 '08 #2

Expert 100+
P: 849
You could probably do it through a combination of chmod and regular expressions, though. Were I to guess, a shell script would be required to effeciently do this, probably one that runs every so often to ensure that new files are also chmod'd properly.
Aug 24 '08 #3

Post your reply

Sign in to post your reply or Sign up for a free account.