Hello everyone,
I'm sukifree, I'll tell you what I'd then what I did. I'd like to deny access ROOT folder to any user when uses ssh connections. Only they will see the folders with their permissions NOT be possible to navigate to ROOT folder.
I've been trying for 3 days to modify the home directory when any user logs in with SSH / SFTP and block access to any user navigate to /mnt or root folder with no luck.
I'm starting on this, I have TrueNAS-12.STABLE installed (I've done tests with FreeNAS as well).
I have followed several tutorials to generate a POOL and then add a DataSet.
I have generated a temporary user inside the "Tecnicos" group. This user doesn't have a home directory.
I change "Shell" to "scponly" (why? because I saw in other posts, they changed it).
Then I edit ACL permissions of "OpenProjects" and change access control only to the group I would like (Tecnicos).
I activate the SSH service with the default port (22).
Finally, I read these posts:
Custom folder for SSH -> and I tried this without success.
I tried (and failed) to change CHMOD and CHOWN permissions to only access to root folder the root user. -> This stopped any access from any user, not as root, so I reinstalled everything again. XD
Please any help?
PD: Thanks for reading all text.
I'm sukifree, I'll tell you what I'd then what I did. I'd like to deny access ROOT folder to any user when uses ssh connections. Only they will see the folders with their permissions NOT be possible to navigate to ROOT folder.
I've been trying for 3 days to modify the home directory when any user logs in with SSH / SFTP and block access to any user navigate to /mnt or root folder with no luck.
I'm starting on this, I have TrueNAS-12.STABLE installed (I've done tests with FreeNAS as well).
I have followed several tutorials to generate a POOL and then add a DataSet.
I have generated a temporary user inside the "Tecnicos" group. This user doesn't have a home directory.
I change "Shell" to "scponly" (why? because I saw in other posts, they changed it).
Then I edit ACL permissions of "OpenProjects" and change access control only to the group I would like (Tecnicos).
I activate the SSH service with the default port (22).
Finally, I read these posts:
Custom folder for SSH -> and I tried this without success.
Match Group Tecnicos
X11Forwarding no
ChrootDirectory /mnt/Tyris/OpenProjects
AllowTcpForwarding no
ForceCommand internal-sftp
X11Forwarding no
ChrootDirectory /mnt/Tyris/OpenProjects
AllowTcpForwarding no
ForceCommand internal-sftp
I tried (and failed) to change CHMOD and CHOWN permissions to only access to root folder the root user. -> This stopped any access from any user, not as root, so I reinstalled everything again. XD
Please any help?
PD: Thanks for reading all text.
