White Cuban
Posted December 14, 2008

I'm having a lot of issues today with my new server, so it seems I need a lot of support (hence 3 topics xD).

I want to create a user in FreeBSD 6.2 that will be bound to /usr/local/www/apache22/data/faraday <whatever the user name will be, I guess I'll decide when I create the user, let's say faraday for now>, which will be bound to it, won't be able to go up, I mean by that, and won't have a shell.

When I tried to do it myself, I had some weird issues, ranging from every time I tried to access it anyway it gave me an Out Of Memory! issue (I'm sure I'm not, lol, something I did probably).

Please walk me all the way, from creating the user to locking it there.

McSmiggins
Posted December 14, 2008

You pretty much can't open an SSH connection without some form of shell (your auth logs are probably showing that), but don't confuse "bash" with "all shells". Bash gives you a terminal on the machine, which you're probably used to, but there are alternatives.

From what you've written you're pretty much after "chroot"ing the user (where, for example, /home/faraday/ becomes / when the user is logged in).

Probably the easiest way to do what you're after is using the "scponly" shell, or more specifically the scponlyc variant of it, which chroots the user and only allows scp commands; they can't, say, get a bash shell running.

I'm a Debian man, so can't give you an exact method of doing it on BSD, but someone else can: http://os.miamano.eu/scponlyc

However I'd provide the following warning first: make sure you're happy with the concept of chrooting, especially the fact that you'll need to create a user directory with read-only child directories (there's a script to do this) so they can successfully log in (e.g. if you chroot'ed /home/faraday/ which was an empty directory, for a start there'd be no /dev/null, which is used in more places than you'd think).

Oh, and run Debian (J/K) :)

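The warning in the reply above (read-only child directories, a /dev/null inside the jail) can be checked before a chrooted user is allowed to log in. The following is an added example, not part of the thread or of scponly; the function name `audit_jail` and its three arguments (jail path, the one writable subdirectory, the jailed user's numeric UID) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a chroot jail directory tree.
# audit_jail JAIL WRITABLE_SUBDIR JAILED_UID   (all three are hypothetical inputs)
# Prints one finding per line and returns the number of findings (0 = clean).
audit_jail() {
    jail=$1 sub=$2 uid=$3 findings=0
    note() { printf 'FINDING: %s\n' "$1"; findings=$((findings + 1)); }

    if [ ! -d "$jail" ]; then
        note "jail directory $jail does not exist"
        return "$findings"
    fi

    # /dev/null must exist inside the jail as a real character device.
    # A symlink is resolved inside the jail after chroot, so it cannot
    # stand in for the device node.
    if [ ! -c "$jail/dev/null" ] || [ -L "$jail/dev/null" ]; then
        note "$jail/dev/null is missing or is not a character device"
    fi

    # The one directory the user is meant to change must exist.
    [ -d "$jail/$sub" ] || note "writable directory $jail/$sub is missing"

    # Every other directory should be read-only to the jailed user:
    # not owned by that UID and not group- or world-writable.
    loose=$(find "$jail" -type d \
        ! -path "$jail/$sub" ! -path "$jail/$sub/*" \
        \( -user "$uid" -o -perm -020 -o -perm -002 \) -print)
    [ -z "$loose" ] || note "directories the jailed user may be able to modify: $(echo $loose)"

    return "$findings"
}
```

Called as, for example, `audit_jail /usr/local/www/apache22/data/faraday include 1005` (the UID is a constructed value), it exits non-zero until the jail has a device node and no stray writable directories.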
White Cuban (Author)
Posted December 14, 2008

Dude, you totally confuzzled me. I tried to follow the crap he says, can't. It seems like something unrelated.

White Cuban (Author)
Posted December 14, 2008

OK, I got it working.

Another question: how do I make it automatically have the mount point /include? I mean the folder which I can actually change, so it immediately reaches it, or at least automatically changes to it. Inexperienced folks will be using this.