Restricting sftp

From: Leland T. Snyder <ltsnyder(at)x3ci.com>
Date: Mon Feb 24 2003 - 12:27:31 EST

I hope there is an easy answer to this question.

I'm using OpenSSH on RedHat 8.0 (i386) and I have all the most recent patchs

[root@base04 root]# rpm --query --all | grep openssh

openssh-3.4p1-2
openssh-server-3.4p1-2
openssh-askpass-gnome-3.4p1-2
openssh-clients-3.4p1-2
openssh-askpass-3.4p1-2

[root@base04 root]#
[root@base04 root]# rpm --query --all | grep bash
bash-2.05b-5
[root@base04 root]#

When you enable a user for sftp it seems they are only restricted by file/directory permissions.
Can you add the restrictions of rbash (i.e. Restricted Bash) or some other simple means to restrict the locations that a person can exchange files from?

I'm sure there is a simple answer to theis question, and thank you in advance for your help. I just can't find any thing like this documented, and I'm not sure if I set /usr/sbin/rbash as the default shell for the sftp login that, that will allow me to restrict sftp access by that id.

-Leland Received on Mon Feb 24 16:03:49 2003