Help in jailing SSH users 1

[bazil2]

(Elementary user)

The server uses RHEL 5.9

I would like to jail specific users logging in via SSH to their home directory so they can't navigate the server.

According to RedHat, one should be able to edit the file /etc/ssh/sshd_config and uses the following syntax:

Match Group sshusers
ChrootDirectory /home/%h

I presume then one need only assign the users to the group sshusers and restart the service?

In undertaking said, the following error was given:

[root@ ssh]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: /etc/ssh/sshd_config: line 121: Bad configuration option: Match
/etc/ssh/sshd_config: terminating, 1 bad configuration options
[FAILED]

According to RedHat, this is a known issue and won't be fixed.

Can anyone suggest an alternative method of jailing non-root users logging in via SSH?

Best regards

 

[AvayaTier3]

give the users a home directory without .bashrc .bash_profile or a home directory with
files that setup environment with no PATH and no ENV and no SHELL

:/bin/false for shell instead of :/bin/bash

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

40 years Bell, AT&T, Lucent, Avaya
Tier 3 for 30 years and counting
[URL unfurl="true"]http://bshtele.com[/url]

 

[ChrisHirst]

From my 'bookmarks'

http://www.unixwiz.net/techtips/chroot-practices.html

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum