This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Lock down CYGWIN SSH User to single directory.
Renà Berber <r.berber <at> computer.org> writes:
>
> JMCColorado wrote:
>
> > Is there any way to only allow a user SSH access to a single directory tree?
> > I need to lock the user out of EVERYTHING else.
>
> You need something like this:
>
> http://olivier.sessink.nl/jailkit/index.html#intro
>
> It hasn't been tested under the Cygwin environment and it's not trivial to
install.
>
> Another option is to use a patched sshd that suports 'ChrootGroups' or
> 'ChrootUsers', there is:
>
> http://chrootssh.sourceforge.net/
>
> Since chroot is part of the Cygwin's coreutils package, it may work.
>
> I haven't used any of these, nor do I need it (so far), but it would be
> interesting to hear if anyone had any success with this.
>
> HTH
I have heard that CHRoot might work, but I have also heard that it still allows
someone to SCP outside of where they can SSH to.
I need to ensure that the user can't get anywhere but the one directory I want
them to have access to. Unfortunately, with Windows giving "Everyone" access to
just about everything, this seems very difficult to do.
Any more ideas?
Thanks for everyones input!
- Josh
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/