SSH Jail and Symlinks

Ok, so a select few family members get access to my file server from the outside. I find it easy to distribute bulk pictures, videos, etc. without having to use services like Dropbox.

I want them to access those files, but I don't want them to access my entire server. The solutions? SSH jail, or Chroot.

At first I used symlinks and rssh (Restricted Shell, in case an account is compromised they can't do anything but SCP). This was an ok solution, but not ideal. Clicking the symlink would still drop the user into the folder of the files and allowed them to move up levels if they wanted.

Modify your sshd_config file (mine is in /etc/ssh) and add the following lines:

Subsystem sftp internal-sftp

Match Group sftp
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no

Restart the SSH service:

# /etc/init.d/ssh restart

Share this

My New Favorite Drupal Module - Reroute Email

I have a new favorite Drupal module: Reroute Email I setup a site a while back that allowed for the client to bulk-email their users. I generally try to sway people from this lest they get on a spam list from unforgiving users, but I digress. The e-mails were sent in plain text, and incredibly boring. I did include an unsubscribe link as a condition of creating the bulk-email process, but other than that it was very... drab. So said client comes back a few weeks ago and asks if we can "jazz up the email a bit". Since this site has been live for close to two years with only critical updates being applied, I have long deleted the dev site.
Share this


Steve's Malware Removal Guide

I've been meaning to write something like this for some time now, but have always pushed it off. No longer! After a co-worker asked me about a possible fraudulent antivirus software on their home computer, I figure this guide can help many. Or few. Ether way, here goes: Steve's Guide to Removing Malware, Spyware, Crapware, and Most Other Negative-Wares From Windows Computers* If a window pops up asking you to pay roughly $60 to install software that you didn't know about, you've got a malware issue. As long as the roots are too deep, you'll be fine. Here is a list of the main software that I use when cleaning a machine (keep in mind that these are all free): Malwarebytes This application is great in cleaning out primary infections. After install I recommend running the quick scan, then the full scan afterward.
Share this



Subscribe to Steven McMurry RSS