On 7/5/06, Daniel Botting <zen78553@xxxxxxxxx> wrote:
1. restrict his access once logged in via SSH to /home/user (found this
explanation)
http://www.felipecruz.com/blog_restricte-linux-users-to-their-home.php
What exactly do you really need to achieve? If you disallow him
access to anything outside his home directory he won't be able to do
anything at all (for example run programs in /bin, or run any binary
that uses a library in /lib, which is basically all of them).
You could set up a chroot environment for him, alternatively, but
that's quite a bit of work (unless there is already a tool for doing
this).
But, very broadly, if you don't trust him, why are you giving him an
account on your computer?
It advises about using bash2, I've looked in /bin and I appear to have
rbash but not bash2
Did you try checking the version of bash you already have ("bash --version")?
Or dpkg -l 'bash*' ?
2.- restrict his disk space
apt-get install quota
man quotaon
You might also want to limit the amount of resources his processes can use, too.
man limits.conf
Also I want to add his static IP to my SSH config.
man sshd_config
I know I need the security one, but I am unsure what it is.
apt-setup
James.
| 