Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

If you don't have an account yet, visit the registration page to sign up.

If you already have an account, you may login here:

Today's Big Story

Best Small Linux Distros for 2024

LXer Features

Linux That's Small

Encryption, Trust, and the Hidden Dangers of Vendor-Controlled Data

My Linux Mint Tribute

How I Turned My Chromebook Into A "Mintbook"

Adventures With My New Chromebook

My Linux Laptop

Have something to say?

Ready to be published? LXer is read by around 350,000 individuals each month, and is an excellent place for you to publish your ideas, thoughts, reviews, complaints, etc. Do you have something to say to the Linux community?

Publish it here.

DaniWeb Linux Community
An exciting professional discussion group about software development, php, shell scripting, networking, ruby, and more.

Latest Discussions

See Activation Cube feature on Fedora 41 KDE Spin in VENV

You don't need AI to know how this goes

Should be a SNL skit

Please add https to lxer.com

Anyone remember Distrotest.net? I found a new one!

Site Menu

Other News

- LWN.net
Their weekly coverage of Linux news is unmatched in this community.

- LinuxGizmos.com
Excellent news for embedded Linux.

- LinuxQuestions.org
Discussion forums for Linux users.

LinuxQuestions.org is a friendly and active Linux Community with forums, reviews, a hardware compatibility list, a wiki, tutorials, a download site, a podcast and more.

SSHFS question

Forum: Linux

Total Replies: 6

Author	Content
tracyanne Feb 05, 2012 8:57 PM EDT	Does anyone know how I can restrict the top level, root, directory for users accessing a public shared directory (via sshfs) to that directory. I can't find any way of doing that via sshd, so i'm thinking I may have to set up some sort of jail.
penguinist Feb 06, 2012 2:14 AM EDT	Yes indeed. Set up a chroot jail and include in that jail the executables and libraries needed to support the sshfs access to your data. Your data also exists under the chroot jail.
tracyanne Feb 06, 2012 2:42 AM EDT	I was afraid of that. I just want to use sshfs to create a share. much the same as how an SaMBa works. I find sshfs so much more reliable, especially when sharing large files. I can sort of do what I want by creating a user who's home directory is the share, and logging in from a remote machine using sshfs user@server: /home/user/sharemountpoint that mounts the users home directory which is, of course the share on "server". and it's perfect security by obscurity if the "user" doesnt know how to use sshfs (and the whole thing is controlled by a script at their end anyway), but the whole thing comes apart once you start using sshfs from the CLI.
penguinist Feb 06, 2012 2:56 AM EDT	You might be able to do something like this to accomplish a limited chroot: In /etc/ssh/sshd_config: Match User my_user ChrootDirectory /path/to/chroot/%u ForceCommand internal-sftp AllowTcpForwarding no X11Forwarding no This will limit the user to sftp only and contain the user's access to a specific subdirectory.
mbaehrlxer Feb 06, 2012 3:05 AM EDT	sftp is not sshfs. but this page explains how to combine the two: http://wiki.lapipaplena.org/index.php/How_to_mount_SFTP_acce... greetings, eMBee.
tracyanne Feb 06, 2012 4:50 AM EDT	Thanks guys. What a complicated rimarole for something that could be covered by simply having a configuration option that foced sshfs to always mount the user's home directory. for example a flag like Always_Use_Home_Directory=[yes/no] in sshd_config, perhaps combined with a match user then if that was equal tp "yes", it wouldn't matter what was entered at the other end it would always act as if "sshfs user@server: /home/user/sharemountpoint" had been used.
BernardSwiss Feb 06, 2012 8:08 PM EDT	You know.... that just might be worth mentioning to the pertinent devs. If that seems presumptuous, you might start it as a "how do I ..." question.

You cannot post until you login.

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software