Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Help in jailing SSH users 1

Status
Not open for further replies.

bazil2

Technical User
Feb 15, 2010
148
DE
(Elementary user)

The server uses RHEL 5.9

I would like to jail specific users logging in via SSH to their home directory so they can't navigate the server.

According to RedHat, one should be able to edit the file /etc/ssh/sshd_config and uses the following syntax:

Match Group sshusers
ChrootDirectory /home/%h

I presume then one need only assign the users to the group sshusers and restart the service?

In undertaking said, the following error was given:

[root@ ssh]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: /etc/ssh/sshd_config: line 121: Bad configuration option: Match
/etc/ssh/sshd_config: terminating, 1 bad configuration options
[FAILED]

According to RedHat, this is a known issue and won't be fixed.

Can anyone suggest an alternative method of jailing non-root users logging in via SSH?

Best regards

 
give the users a home directory without .bashrc .bash_profile or a home directory with
files that setup environment with no PATH and no ENV and no SHELL

:/bin/false for shell instead of :/bin/bash

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

40 years Bell, AT&T, Lucent, Avaya
Tier 3 for 30 years and counting
[URL unfurl="true"]http://bshtele.com[/url]
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top