Is it possible to block users from leaving their home directory?

linux ubuntu ssh ubuntu-10.04 sftp
6,399

Solution 1

Why would chroot be a "huge load on the server"? This is precisely what chroot was designed to do. There are guides aplenty on the internets that you can follow to get things set up.

Solution 2

SSH has built in chroot features for sftp, with ssh its a bit trickier since the users get to start a fully shell, but its also possible. Check out this howto:
http://www.howtoforge.com/chrooted-ssh-sftp-tutorial-debian-lenny

Share:
6,399

Related videos on Youtube

samwell
Author by

samwell

Updated on September 18, 2022

Comments

  • samwell
    samwell over 1 year

    I'm creating a webserver, and I will have many users ssh/sftp into it. All they need to do is within their home directory, for example, /home/user/.

    Many people have told me to use chroot, but it seems like it's a little bit too much, plus I'm going to have multiple users log in into the server so it'll be just a huge load on the server.

    So to recap, I want to prevent users from leaving their home directory, /home/user/. Is this possible?

    • Tim Brigham
      Tim Brigham over 12 years
      It is with chroot..
    • samwell
      samwell over 12 years
      Would you recommend chroot with multiple users on the server?
  • samwell
    samwell over 12 years
    I read that it can slow down the server and take more memory. Would you recommend it with multiple users ssh/sftp into the server?
  • EEAA
    EEAA over 12 years
    It's likely that things will be just fine. Just give it a try. If it doesn't end up working, nothing has been lost.
  • jlecour
    jlecour about 3 years
    A chroot does not imply a full OS copy. It depends on what you want available to a user once in the chroot. Also, there is no performance penalty or overhead.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SFTP failing with "Match Group" clause
Can't sftp into server Permission denied, please try again
How do I connect to SFTP server with web browser?
SFTP clients not respecting default UMASK permissions
sftp/ssh failing after adding "Match group" clause
Advice for running IAR Embedded Workbench for Arm with Dongle in Linux
How to grep '---' in Linux? grep: unrecognized option '---'
High %wa CPU load when running PHP as CLI
How do I get the files from SFTP server and move them to another folder in bash script?
Rename file while using SFTP to append date