HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Regular and restricted sftp accounts.
Operating System - HP-UX
1829103
Members
5616
Online
109986
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-16-2006 02:09 AM
08-16-2006 02:09 AM
Regular and restricted sftp accounts.
Because of our security guidelines, users’ home directories cannot be any greater than750, but we need the directories and files to be 770. This is because our development group needs to be able to get into the users’ home directories and also be able to push and pull files if need be. We will eventually have several hundred users with sftp accounts and their shell is set to /usr/bin/false.
We have set up restricted accounts so that when these users sftp into our server, they land in their home directory and they can only go to their incoming and outgoing directories, but no where else.
Does anyone know how we can set up these sftp accounts so that when the user sftp’s into our server, it will take them into another directory, other than their own, which would be located on a separate filesystem? We can set permissions to 770 on directories outside of the users’ home directories.
The customer would also like to be able to have this new filesystem setup in Serviceguard for failover. We do not have vg00 configured in Serviceguard to failover, only our application filesystems.
We have set up restricted accounts so that when these users sftp into our server, they land in their home directory and they can only go to their incoming and outgoing directories, but no where else.
Does anyone know how we can set up these sftp accounts so that when the user sftp’s into our server, it will take them into another directory, other than their own, which would be located on a separate filesystem? We can set permissions to 770 on directories outside of the users’ home directories.
The customer would also like to be able to have this new filesystem setup in Serviceguard for failover. We do not have vg00 configured in Serviceguard to failover, only our application filesystems.
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-16-2006 02:47 AM
08-16-2006 02:47 AM
Re: Regular and restricted sftp accounts.
Shalom,
Whether the login is sftp or ssh or telnet, chroot restrictions apply. If you want for sftp wider access then you need another account.
The account can be one way or the other, but not both. If wider access is required then the chroot configuration, which is what your "We have set up restricted..." paragraph is saying.
SEP
Whether the login is sftp or ssh or telnet, chroot restrictions apply. If you want for sftp wider access then you need another account.
The account can be one way or the other, but not both. If wider access is required then the chroot configuration, which is what your "We have set up restricted..." paragraph is saying.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP