• 1

confining guest to only 1 directory without any permissions but ssh login

Hello Dan, I've been following your blogs over the last months but i can't find a clear answer for my problem.
I recently started using SElinux on my system (cloudserver on Centos6.3).
The only access is ssh. Every user is confined to the specified dir until the right password is given.
Let us say a cracker could obtain the ssh-key and spoof my ip-address, so next he would be asked to enter the ssh-password before granted access to the system. So far so good.
Is there any way i can deny ALL linux commands to the user for the time that he spends in that directory except the possibility to login by entering the ssh-password?
So i would like to confine every user to 1 directory without ANY permissions. I tried chroot but that's to complicated for my situation. I could be wrong about all this, but my understanding of SElinux is pretty basic..
I hope you got a solution for this..

Edited at 2012-12-30 12:35 pm (UTC)

  • 1

Log in