Need Help Create Ssh User Who Can Only Access One Directory

hi linus guru,


Need your help, I would like to create ssh user that only has access to one folder

existing Directory: /home/aps/ logs



user can only have read only access on logs folder

Thanks, appreciate your help..


Similar Content



Why Vsftp Can Do It, But Openssh Sftp Cannot ? (chroot)

Dear all,

This is long story cut short, with vsftp, if i set this parameters in the vsftp.conf file below

Code:
local_enable=YES
chroot_local_users=YES

I am able to login to the ftp account, see and list my home/user directory, and if i do a cd / or cd .. , i will still be chroot to my /home/user directory.

without, the need to chmod or or chown anything to my /home/user directory

=============================================

With openSSH, internal_sftp, even though I have set the sshd_conf to

Code:
Match user alankoh
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
ChrootDirectory /home/%u

I will need to change owner my /home/user directory to have root becomes it owner.
============================================

Q1) why this difference ? How does vsftp chroot without changing the /home/user folder ownership ?

Q2) i realize that openssh ChrootDirectory parameter causes my default login directory to be set as that of the parameter.
(e.g. if i set to "/whatever/xyz", i will be brought to that /whatever/xyz everytime i login to the sftp instead of my /home/user folder.

Why ? I thought that ChrootDirectory is just a security measure to specify the directory to go to in case the user cd to root (e.g. cd /), else not, i should still go to my /home/user folder everytime i login to sftp.

Regards,
Noob

How To Create New User Who Can Access Server From Putty With Limited Functions

hi all,

i want to create a new user named xyz who can login and perform some backup tasks with limited access

i have created a user but not able to access server via putty

can anybody please guide me on this

Thanks
Vijay Muddu

Usr/bin

given that im in the home directory, what cli command should i typoe to get access to my documents folder which i can clearly see in the gui but cannot seem to access.

i thought logically it should be /home/files/documents or perhaps /home/user/files/documents

where am i being a dweeb!!!!!....... again

Can't Access Samba Share

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:
Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:
[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:
total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Samba Configuration Not Letting Me Access Files?

Hey guys, I got samba working and I am able to access my files, however I am now trying to learn security with it. i am pretty much trying to allow certain groups access certain files. if you look at samba group you can see that I have @sambausers group to access sambagroup directory.

I have a user called sambatest01. the user can access "samba users only" but the user can access all of the other files as well. what is a correct set up on the other smb.conf to prevent users from accessing this? I cant seem to find a proper set up


[drivers]
path = /files/drivers
browseable = yes
read only = no
guest ok = no
guest only = no


[samba users only]
path = /files/sambagroup
browseable = yes
read only = no
guest ok = no
guest only = no
write list = @sambausers
valid users = @sambausers

(solved) User Has Not A Directory

Hi. When I ran #useradd -m -s /bin/bash -G áudio,lp,video, wheel,scanner -U user
#passwd user

I forgot to have the /home mounted (shame on me)

so now there is not a /home/user (directory) so user cannot start the X

how can I fix it?

thank you!

Vsftpd User Home Directory Mounted With Cifs But Getting Error 550

In my RHEL 6 sever space issue so i am mounted new user
home directory to my nas storage with cifs rw permission

but when user using ftp getting error 550 create directory operation failed

vsftpd user home directory mounted with cifs rw permission but getting error 550 create directory operation failed

Samba-Apache-Webdav Permission Problem With User Www-data

I'm not sure if this should be in the newbie section, but I am somewhat of a newbie, so here goes:

In a home network, I have an Xubuntu file server with a Samba share that has me as the owner and authorizes me to access the share.

On another computer, I have Mint running and providing various services, including webdav on Apache with SSL. In the var/www/webdav directory of the Mint computer, I have the Xubuntu Samba share mounted. This is supposed to allow me to access the Samba share from the public internet.

Everything works fine except for one big problem: Apache requires the owner of the webdav directory to be user "www-data," and I can't figure out how to give www-data access to the Samba share, since www-data is not a user on the Xubuntu computer, and moreover I don't know the password for user www-data.

Can anyone figure out how to get around this problem? In particular, is there a way to configure the Samba share on the Xubuntu computer so that user www-data on the Mint computer can have access to it?

(Incidentally, I have my reasons for using two computers, one as a file server and one as a web server. Also, I am thinking about switching to NFS instead of Samba, but I'm not sure if even that would solve my problem.)

File Permission

I am writing a script to check the log file in /var/log , some files are only read by root , but the script use general user to access the system ( as the system do not accept root to ssh directly ) , therefore , it could not read such files .

Would advise what is the best method to solve this problem , copy the file to a special folder ? allow root to ssh ? create a user with root permission ?

very thanks

Impossible To Get Kubuntu Open On ChromeOS

Hi everyone,

I am currently a user of crouton under chromeOS. It worked "pretty" well for about two months but does not work anymore. When I open it, linux start normally but suddenly stop and give me this message:

Quote:
The following installation problem was detected
while trying to start KDE:

No write access to $HOME directory (/home/paul).

KDE is unable to start.
I already try this Code:
sudo chown -R group:user /home/user

But I can not remember group and user name.

Thanks a lot