- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Restricted Shell
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 08:57 PM
тАО11-10-2005 08:57 PM
I have setup a a restricted sheel for a user, but I want to allow him to mkdir's in his home directory an be able to 'CD' into them
I know you can no cd out of your home directory - but can they not cd down ?
Thanks
Mick
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 09:01 PM
тАО11-10-2005 09:01 PM
Re: Restricted Shell
man ksh says,
The cd command cannot be executed by rksh.
hth.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 09:01 PM
тАО11-10-2005 09:01 PM
Re: Restricted Shell
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 09:04 PM
тАО11-10-2005 09:04 PM
Re: Restricted Shell
Basically I wanted to setup a scp server for users that can only copy in and out of there own directories and maybe subdirectories in there $HOME
This cant be done with rsh then ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 09:07 PM
тАО11-10-2005 09:07 PM
Re: Restricted Shell
I've tried out this:
$ mkdir test
$ cd test
rksh: cd: restricted
$
$
$ echo "cd test" | ksh
ksh: cd: restricted
So you can not achive with rksh setting in /etc/passwd.
hth.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 09:15 PM
тАО11-10-2005 09:15 PM
Re: Restricted Shell
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
I hope scp will allow to access files under $HOME. Did you check with that? I am not having scp utility here.
Test as,
# Machine2:
touch /file1
# Machine 1 ---> Machine 2
has to be failed
# Machine 1 ---> Machine 2
has to be passed
for your requirement. Check revert with results.
hth.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 09:38 PM
тАО11-10-2005 09:38 PM
Re: Restricted Shell
I was able to scp a file over to the new directory, if I ssh to the server, I can list the new file under $HOME/test but cant cd into it
This I could get away with if the user is using shell under unix - but if using something like WinSCP, it throws you out if you try to view the contents of ../test
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 11:21 PM
тАО11-10-2005 11:21 PM
Re: Restricted Shell
Anyway, users does not need to cd to the directory to perform operations with the file. They just must specify the path to the file.
Why do you need to cd to that directory?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-10-2005 11:30 PM
тАО11-10-2005 11:30 PM
Re: Restricted Shell
But, if using WinSCP or some other tool, it throws you out because when you click on the folder to list the contents - it uses "cd" to get in and list ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 12:40 AM
тАО11-11-2005 12:40 AM
SolutionIf your goal is to create an user account for SSH file transfer which can access files only in the account's home directory and subdirectories, chroot is the answer.
The commercial SSH from ssh.com and newer versions of OpenSSH can be configured to chroot the session for certain users. When a session is chrooted, the user sees his/her home directory as a root directory. The subdirectories of the home directory are accessible normally, but the rest of the filesystem "does not exist" for him/her.
The disadvantage of chroot is that if the user is going to execute normal (non-chroot-aware) commands inside the chroot jail, you must supply the entire environment inside the jail. The sshd handles SFTP internally, so it does not need any libraries.
But if you need anything else, you must determine the correct libraries using "ldd" and "chatr" commands, and copy those libraries into the chroot environment. Symlinking does not help: the symlinks are interpreted within the context of the chroot environment.