Jump to content
Aerosol

Restrict Linux user to WWW folder and disable ssh access

By Aerosol, in Tutoriale in engleza

Recommended Posts

Aerosol Newbie

Aerosol

Posted
Posted

To be able to restric a Linux user to www folder and disable ssh access, in my example maned user_name, we should proceed some steps:

1) Edit file /etc/ssh/sshd_config and add the next lines


AllowUsers [COLOR="#FF0000"]user_name[/COLOR]

Match User [COLOR="#FF0000"]user_name[/COLOR]
    ChrootDirectory /var/www
    ForceCommand internal-sftp

2) Edit the file /etc/passwd like in the next example:


[COLOR="#FF0000"]user_name[/COLOR]:1003:1002::/var/www:/bin/false

3) Add user to www-data group using command:


usermod -a -G www-data [COLOR="#FF0000"]user_name[/COLOR]

4) The final step is to restart the ssh service to reload the configuration using one of the next commands:


/etc/init.d/ssh restart

or

service ssh restart

After this steps if we fill try to connect using ssh we will got the next message:


root@kali:/home/razvan1# ssh [COLOR="#FF0000"]user_name[/COLOR]@192.168.1.1
[COLOR="#FF0000"]user_name[/COLOR]@192.168.1.1's password: 
This service allows sftp connections only.
Connection to 192.168.1.1 closed.

Author: razvan1@hy

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...