Difference between revisions of "Scponly"

From ArchWiki
Jump to: navigation, search
(Created page with '=Introduction= Scponly is a limited shell for allowing users scp/sftp access and only scp/sftp access to your box. Additionally, you can setup scponly to chroot the user into a …')
 
m
Line 1: Line 1:
 +
[[Category:Networking (English)]]
 
=Introduction=
 
=Introduction=
 
Scponly is a limited shell for allowing users scp/sftp access and only scp/sftp access to your box.  Additionally, you can setup scponly to chroot the user into a particular directory increasing the level of security.
 
Scponly is a limited shell for allowing users scp/sftp access and only scp/sftp access to your box.  Additionally, you can setup scponly to chroot the user into a particular directory increasing the level of security.

Revision as of 20:52, 18 October 2009

Introduction

Scponly is a limited shell for allowing users scp/sftp access and only scp/sftp access to your box. Additionally, you can setup scponly to chroot the user into a particular directory increasing the level of security.

Installation

Prerequisites

This guide assumes that you have sshd installed, configured, and running.

Setup

Scponly resides in [community] and can be installed like any other package:

# pacman -Sy scponly

If you have a user already created, simply set the user's shell to scponly

# usermod -s /usr/bin/scponly username

That's it. Go ahead and test it using your favorite sftp client.

Adding a chroot jail

Note: The Arch package seems to be missing some files required for automating this process. The steps I following on a Debian box:

$ cd /usr/share/doc/scponly/setup_chroot
# gunzip setup_chroot.sh.gz
# chmod +x setup_chroot.sh
# ./setup_chroot.sh