Limit every user to his own home folder only
Follow this guide to configure your SSH server to chroot your users.
Essentially, use the ChrootDirectory
and ForceCommand
rules for sshd_config
to limit certain users or groups (Match Group
or Match User
) to SFTP and a specific directory.
This requires use of the rule Subsystem sftp internal-sftp
as well, unless the ChrootDirectory
contains all files for a real chroot environment (like a /dev
directory with some basic devices)
A different possibility would be to disable shell login. SCP and SFTP might still work for them.
Related videos on Youtube
user83493
Updated on September 18, 2022Comments
-
user83493 over 1 year
i have a linux server which users connect to with SSH. my users only upload and download content from their
/home
folder.Basicly, I want them to be limited to see and use only their home folder.
I read that it might not be a good idea to do so, since they nead read premissions to run programs and scripts, but again: they are only downloading\uploading content to their home dir.
How can I do it?
-
slhck almost 11 yearsWelcome to Super User! Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.