| === m1dnight1 is now known as m1dnight_ | ||
| === Monthrect is now known as Piper-Off | ||
| Holler | quick question | 03:29 |
|---|---|---|
| Holler | how to make user login DIRECTLY in his home directory and not anywhere else @ ssh | 03:29 |
| joeb3_ | Holler, http://allanfeid.com/content/creating-chroot-jail-ssh-access | 03:41 |
| lordievader | Good morning. | 08:51 |
| RoyK | gd mrnng | 08:52 |
| lordievader | ;) | 08:53 |
| RoyK | gss vwls wll cm ltr | 08:53 |
| lordievader | Haven't had enough coffee for that sentence :P | 08:54 |
| RoyK | (guess vowels will come later) | 08:58 |
| lordievader | Ah, there they are :P | 08:59 |
| RoyK | woke up too early - it's a day off before a day off before new year's eve and a weekend | 08:59 |
| EmilienM | jamespage: hello, any idea when can I install mitaka on trusty with proposed repo? | 09:19 |
| Walex2 | EmilienM: don't know, but is that the "4D universe modeler"? | 10:39 |
| Walex2 | http://4d2u.nao.ac.jp/html/program/mitaka/index_E.html | 10:39 |
| === CiPi is now known as cipi | ||
| === Piper-Off is now known as Monthrect | ||
| === cipi is now known as CiPi | ||
| jamespage | EmilienM, hopefully by end of next week | 12:37 |
| Holler | yeah... i'm back | 14:17 |
| Holler | How can I make the user login in his own home directory and not anywhere else? How can I be sure? | 14:18 |
| maswan | A login requires more than just the home directory (shell, userspace tools, etc), so no. | 14:18 |
| Holler | Can I understand more about shells? | 14:20 |
| maswan | Yes. | 14:20 |
| maswan | That would be a good starting point. | 14:20 |
| Holler | One more thing | 14:20 |
| Holler | Ever heard of GADMIN-PROFTPD? | 14:21 |
| maswan | Are you talking about ftps for file transfers and not login (i.e. ssh or local)? | 14:21 |
| maswan | Then chroot is the thing to setup support for | 14:22 |
| Holler | Yeah, there's a problem with gadmin-proftpd, it says no uppercase letters allowed but I don't have any uppercase letters anywhere in settings... | 14:22 |
| Holler | weird | 14:22 |
| RoyK | just don't use ftp | 14:25 |
| === mist is now known as lolcat6 | ||
| Holler | What about doing all that restrictions in openssh? Is it difficult? | 14:25 |
| RoyK | Holler: you can setup chroot with openssh, but what's the point? just set the permissions right and the user can't do much anyway | 14:26 |
| === lolcat6 is now known as mist | ||
| Holler | Yep, I tried permissions yesterday | 14:26 |
| Holler | If you may, I can tell you what went wrong | 14:26 |
| RoyK | "tried"? | 14:26 |
| Holler | Yep, experimented | 14:27 |
| RoyK | chmod go-rwx -R /home | 14:27 |
| RoyK | and ta-taa - no users can read any other users' data | 14:27 |
| Holler | well that might work but my problem extends more than that, I there are folders other than user's home that I want them to access and not access | 14:31 |
| Holler | I must manually do it | 14:31 |
| RoyK | Holler: the default system config is rather secure as it is - what sort of other folders? | 14:48 |
| Holler | game server files in home | 14:51 |
| Holler | I want them to access SOME files, not all | 14:51 |
| RoyK | Holler: then set the permissions correctly ;) | 15:12 |
| RoyK | Holler: if you chroot the user to $HOME, they won't have any chance of accessing /home/somewhereelse | 15:12 |
| RoyK | or *anywhere* else outside $HOME | 15:13 |
| Holler | oh no | 15:23 |
| Holler | what should I do to make them only access /home/somewhere/thisthing on logging in? | 15:23 |
| === Lcawte|Away is now known as Lcawte | ||
| blizzow | I plugged the second network card on a few servers into a second switch. The main NIC is 172.16.1.2 and my router is plugged into that switch. I've tried to configure my second network card as 10.0.0.2 but when I do ifconfig eth1 10.0.0.2 netmask 255.255.255.0, I lose all network connectivity. How should I configure my second network card to be on a second LAN and not mow my eth0 traffic over? | 22:07 |
| === Lcawte is now known as Lcawte|Away | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!