How do I create a user with read only access over SSH to a limited subtree of folders?
Solution 1:
If you really want to restrict them down as much as possible, I suggest looking at a chrooted ssh install. That way even if they did manage to break out of their tree they won't be able to trawl around the underlying system.
The Debian guys have a guide available on the subject.
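One way to realise the chroot suggested in Solution 1, shown as an added example that is not part of either answer and is not the Debian guide's method: it uses OpenSSH's built-in `ChrootDirectory` with `internal-sftp -R` (read-only SFTP). The user name `reports` and the path `/srv/sftp/reports` are placeholders; the first function checks the ownership rule sshd enforces on every component of the chroot path.

```shell
#!/bin/sh
# Added example: pre-flight check plus sshd_config stanza for a read-only,
# chrooted SFTP account. User name and path are placeholders (assumptions).

# Return 0 only if DIR and every parent up to / is owned by uid 0 and is not
# group- or world-writable. sshd refuses the login if ChrootDirectory fails this.
chroot_path_ok() {
    dir=$1
    case $dir in
        /*) ;;
        *) echo "path must be absolute: $dir" >&2; return 1 ;;
    esac
    while :; do
        [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
        # ls -ldn prints: mode links uid gid ... (numeric ids)
        set -- $(ls -ldn "$dir")
        mode=$1 uid=$3
        [ "$uid" = 0 ] || { echo "$dir: owner uid $uid, must be 0" >&2; return 1; }
        case $mode in
            d????w*|d???????w*)
                echo "$dir: group/world-writable ($mode)" >&2; return 1 ;;
        esac
        [ "$dir" = / ] && return 0
        dir=$(dirname "$dir")
    done
}

# Print a Match block that confines USER to ROOT, forces the in-process SFTP
# server in read-only mode (-R), and turns off forwarding and TTY allocation.
sftp_ro_stanza() {
    user=$1 root=$2
    cat <<EOF
Match User $user
    ChrootDirectory $root
    ForceCommand internal-sftp -R
    AllowTcpForwarding no
    X11Forwarding no
    PermitTTY no
EOF
}

# Typical use (as root), then validate the resulting config with `sshd -t`:
#   chroot_path_ok /srv/sftp/reports && sftp_ro_stanza reports /srv/sftp/reports
```

Because the chroot root itself must be root-owned and not writable by the user, the files to be shared go in subdirectories beneath it.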
Solution 2:
rssh does exactly that. From pizzashack.org:
rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. It now also includes support for rdist, rsync, and cvs. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. For a list of platforms on which rssh is known to work, see the Platform Support Page.