Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm running SuSE 9.3 as a file server on the Internet. I want users to be able to securely login and deposit/retrieve files. But I don't want them to see other users' files. Also I don't want them to wander around the file system / I want the server to be secure. I know that I could 'jail' the home directory. But I'm having so much problems with it. SSH works fine but I created a new directory with 'bash' and all the required libraries and bash works fine but when I tried to put 'ssh' into that directory and it's not working. I got the following error message: "PRNG is not seeded".
Also, I'm not really sure if the 'passwd' and 'shadow' files are to be located inside the jail or can they be located outside of the jail. When I put them (with the appropriate entries only for the users that I want to access remotely) inside the jail, that user cannot login.
I tried to bind the user to different shells (rsh, rbash, false) but with no success. I also tried restricting user access by changing the properties of a directory (drwxr-xr-- 6 root root 144 2006-01-03 10:04 ..) but that failed as well.
Does anybody know of a simpler method of restricting a user to only a single directory? All I want the user to be able to do is to deposit and retrieve files. Thanks a million for your help.
thanks. I'm trying to get the 'rssh' working. But I'm having a tremendous problems with setting up the jail. I did everything that was suggested in the chroot manual for rssh but when I'm trying to connect to the account I get the 'connection closed' message. I know that I must have the jail not set up properfly because when I comment out the like setting up the chroot in the 'rssh.conf' file then I CAN log in. The problem is that, in such a case, the account is not jailed; it's not limited to the jail.
If you installed rssh-2.3.0 look in the docdir for the CHROOT doc and read the first 20 lines about "Connection closed" and the need for the systems shell because of wordexp().
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
