Quote:
Originally Posted by Weaseal
Specifically, I want to prevent users who are using SCP/SFTP from wandering outside of their home directories. What are my options? Is there a way to chroot them?
|
There is not a really
good solution to this precise problem that I am aware of.
The way I currently handle this is I build a FBSD jail specifically for the shell users, and I give them
scponly shells. Finally, I "chmod go-rwx" each of their home directories. The worst they can do is navigate around the jail, and they can't access any home directory apart from their own.