Bash script to jail users using OpenSSH built-in chroot
Date: 02/06/09
(IT Professionals)
I've created a script to set up users (new or existing) to be jailed and only allow for SFTP access. It requires OpenSSH 4.9 (with internal chroot and sftp functionality) or greater and Bash 3 or greater. I made sure to make it generic enough so that it can be tweaked easily with variables at the top for whatever environment people happen to be using.
Features:
*) Can take existing users and jail them (with or without their current home contents)
*) Can be set up so that specific users can have access to a shared location outside their chroot (via mount) (optional per user basis)
*) Has internal support for creating symlinks to mimic a previous sftp environment - to keep existing user put/get scripts working (optional per user basis)
*) Password can be specified, generated or kept (for existing users)
Before creating this, I did quite a bit of googling and failed to locate a script that does the basics (using OpenSSH internal chroot functionality - tons otherwise), let alone the extra stuff.
I'd like to share this with others but I don't know where to post it.
Any suggestions?
PS: I've just recently made the script 'generic' for use on systems other than the environment it was written for and have yet to test it. I'll be doing that in my environment using the customization variables. I won't be handing the script out until I've done that basic testing to make sure I haven't borked the script in that process.
Source: http://community.livejournal.com/itprofessionals/81898.html
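
Added example (not the poster's script, which is not shown on this page): a pre-flight check any jail-setup script of this kind needs, because sshd refuses a ChrootDirectory unless every component of the path is owned by root and not writable by group or others. The function names are hypothetical, and GNU `stat` and `readlink -f` (Linux) are assumed.

```shell
#!/usr/bin/env bash
# Added example: verify a directory is acceptable as an sshd ChrootDirectory.
# Assumes GNU coreutils (stat -c, readlink -f). Names are hypothetical.

# component_ok UID MODE
# Pure rule check for one directory: owner must be root (uid 0) and
# neither the group-write nor the other-write bit may be set.
component_ok() {
    local uid=$1 mode=$2
    [ "$uid" -eq 0 ] || return 1
    # MODE is octal as printed by stat (e.g. 755, 1777); mask 022 = g+w | o+w.
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# chroot_path_ok PATH
# Resolves PATH, then checks it and every parent up to /.
# Reports the first offending component on stderr and returns 1.
chroot_path_ok() {
    local cur info uid mode
    cur=$(readlink -f -- "$1") || return 1
    if [ ! -d "$cur" ]; then
        echo "not a directory: $1" >&2
        return 1
    fi
    while :; do
        info=$(stat -c '%u %a' -- "$cur") || return 1
        uid=${info% *}
        mode=${info#* }
        if ! component_ok "$uid" "$mode"; then
            echo "bad ownership or modes: $cur (uid=$uid mode=$mode)" >&2
            return 1
        fi
        if [ "$cur" = / ]; then
            return 0
        fi
        cur=$(dirname -- "$cur")
    done
}

# Typical use before enabling the jail for a user (path is a placeholder):
#   chroot_path_ok /path/to/jail/username || exit 1
```

Because the jail root itself cannot be user-writable, uploads need a user-owned subdirectory inside it; an existing home directory converted in place usually fails this check until it is re-owned to root.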