- Kill Confirmed
Ok, so a select few family members get access to my file server from the outside. I find it easy to distribute bulk pictures, videos, etc. without having to use services like Dropbox.
I want them to access those files, but I don't want them to access my entire server. The solutions? SSH jail, or Chroot.
At first I used symlinks and rssh (Restricted Shell, in case an account is compromised they can't do anything but SCP). This was an ok solution, but not ideal. Clicking the symlink would still drop the user into the folder of the files and allowed them to move up levels if they wanted.
Modify your sshd_config file (mine is in /etc/ssh) and add the following lines:
Subsystem sftp internal-sftp
Match Group sftp
Restart the SSH service:
# /etc/init.d/ssh restart