[nycbug-talk] FreeBSD + Restricted Shell
tux at penguinnetwerx.net
Tue Feb 7 20:48:26 EST 2006
Kevin Reiter wrote:
> Does anyone know of a quick and dirty (or at least easy) way to "chroot"
> a remote user (via SSH) to their $HOME? I've been parsing google
> hits, and I've seen reference to rbash as a shell, but I can't find it
> in ports or anywhere already on the system. pkg_add tells me it don't
> exist, either.
> Basically, I'm looking to give a remote user their own $home, but
> restrict their access to ONLY their $home. I was hoping something like
> rsh on Solaris was there, but no joy. They don't need
> scp/ftp/anything.else, just SSH to connect. Anyone have any pointers?
Found ibsh (Iron Bars SHell) in /usr/ports/shells/ibsh
Iron Bars Shell is a restricted Unix shell. The user can not step out
access files outside the home directory. It is written in C for Linux. No
libraries used. It is small, fast, secure. Two ascii configuration files for
Tested it out, and aside from a few minor things (the user's UID gets
chopped off in the display window for one) it's exactly wat I was
More information about the talk