Re: [PLUG] Setting SFTP restrictions to download only, but only for cert

Michael Leone on 7 Aug 2015 07:28:30 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users

From: Michael Leone <turgon@mike-leone.com>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
Date: Fri, 7 Aug 2015 10:28:05 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mike-leone.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=+ebvAtIKSfPkG2qRaDuhsVkA7UkiTNcTvHE+mqT/Dvw=; b=Z7ecFGso3XNbsecF5C9knABUmsJIpC0U6PTMZ8HHhQ5x20OayLM0dgepI8spviNVbc NKsXQmHA1Ir4lrZdA0Jk2GH+jzIbqbEHe4r4NkDe/dIxiRAO4dDvuDXeMLIOHcnUIauh dCxLsj7NOmWAQk8QmPbGAkzR433+n12oxIiFI=
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Fri, Aug 7, 2015 at 10:07 AM, Michael Leone <turgon@mike-leone.com> wrote:
> On Fri, Aug 7, 2015 at 9:43 AM, Michael Leone <turgon@mike-leone.com> wrote:
>
>> NOW, for a bit of extra ... I will add my test user to it's own
>> "UpgradeProject" group. I will then see if I can do a SSH chroot jail
>> for *just* the members of that group, so they can't go snooping
>> wherever they want ..
>
>
> Oddly, I keep seing references to how using the "match" stanza in
> OpenSSH is for 4.9 and above, and I use 4.3p2 (it's RHEL 5.11). Yet I
> do see a "ChrootDirectory none" in my config file. So I guess my
> version can chroot, but I can't do it only for a "match"? All or
> nothing?


Yep, when I added the "Match Group" stanza, and restarted SSH, it came
back with "Bad configuration option: Match"

Ratz
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Leone <turgon@mike-leone.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Lazin <microlaser@gmail.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Matt Mossholder <matt@mossholder.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Paul DiSciascio <thenut@bytemonkey.net>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Leone <turgon@mike-leone.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Leone <turgon@mike-leone.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Leone <turgon@mike-leone.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Leone <turgon@mike-leone.com>
- Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
  - From: Michael Leone <turgon@mike-leone.com>

Prev by Date: Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
Next by Date: [PLUG] If not SFTP, how's about FTPS?
Previous by thread: Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
Next by thread: Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users
Index(es):
- Date
- Thread