[CentOS] scp setup jailed chroot on Centos7

Adrian Jenzer a.jenzer at herzogdemeuron.com
Tue Oct 24 10:23:58 UTC 2017



-----Original Message-----
From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of tbuchanan at vinu.edu
Sent: Samstag, 21. Oktober 2017 02:14
To: CentOS mailing list
Subject: Re: [CentOS] scp setup jailed chroot on Centos7

-----"CentOS" <centos-bounces at centos.org> wrote: -----To: CentOS mailing list <centos at centos.org>
From: Rainer Duffner 
Sent by: "CentOS" 
Date: 10/20/2017 08:00PM
Subject: Re: [CentOS] scp setup jailed chroot on Centos7

> Am 20.10.2017 um 15:58 schrieb Adrian Jenzer <a.jenzer at herzogdemeuron.com>:
> 
> Dear all
> 
> I'm looking for instructions on how to setup a jailed chroot directory for user which needs to upload via scp to the server.
> Especially I miss clear instructions about what needs to be in the jailed directory available, like binaries, libraries, etc...
> Without jail I get it to work, but I want to prevent user downloading for example /etc folder from the server.
> 
> Does anybody have a link or list valid for Centos7
> 



Can’t you use SFTP?

AFAIK, sftp automatically chroots a user with no valid shell (provided the home directory is owned by root and not writeable by the user and you use Subsystem internal-sftp).



_______________________________________________
CentOS mailing list
CentOS at centos.org
https://lists.centos.org/mailman/listinfo/centos


https://github.com/mysecureshell/mysecureshell
_______________________________________________
CentOS mailing list
CentOS at centos.org
https://lists.centos.org/mailman/listinfo/centos


Thanks for this. Didn't know about it. And setup is pretty straight forward. The repo for Centos6 works with 7 too.

[mysecureshell]
name=MySecureShell
baseurl=http://mysecureshell.free.fr/repository/index.php/centos/6.4/
enabled=1
gpgcheck=0


regards Adrian




More information about the CentOS mailing list