[nycbug-talk] FreeBSD + Restricted Shell
Kevin Reiter
tux at penguinnetwerx.net
Tue Feb 7 20:48:26 EST 2006
Kevin Reiter wrote:
> All,
>
> Does anyone know of a quick and dirty (or at least easy) way to "chroot"
> a remote user (via SSH) to their $HOME? I've been parsing google
> hits, and I've seen reference to rbash as a shell, but I can't find it
> in ports or anywhere already on the system. pkg_add tells me it don't
> exist, either.
>
> Basically, I'm looking to give a remote user their own $home, but
> restrict their access to ONLY their $home. I was hoping something like
> rsh on Solaris was there, but no joy. They don't need
> scp/ftp/anything.else, just SSH to connect. Anyone have any pointers?
Found ibsh (Iron Bars SHell) in /usr/ports/shells/ibsh
Iron Bars Shell is a restricted Unix shell. The user can not step out
of, nor
access files outside the home directory. It is written in C for Linux. No
libraries used. It is small, fast, secure. Two ascii configuration files for
more control.
WWW: http://ibsh.sourceforge.net/
Tested it out, and aside from a few minor things (the user's UID gets
chopped off in the display window for one) it's exactly wat I was
looking for.
More information about the talk
mailing list