restrict SSH access of non-admin accounts.

I just tested the SSH login of an account that should not have ssh access outside the /home/ directory.
However, it appears it does.
I cannot access the other Virtual Server directory but I can access everything including /etc/webmin/ and so on.

I … feel this is largely insecure
While I cannot view the contents of said files. I certainly don’t want to allow access to other directories.
What do I need to do to restrict this?

That’s unfortunately not possible (or at least, simple) to setup:

What your users are seeing is allowed by the typical UNIX/Linux permissions. You can always change the permissions on files/dirs you don’t want them to be able to see.

Barring that, you might just need to prevent SSH access altogether for some users.


Troublesome, but not impossible.

Would be nice if the feature is inherently set by default to jail you to your /home/ directory…

Doesn’t look so hard to do…

/me configures.

This will at least allow SCP / SFTP without SSH access (I wonder if I can include jailed SSH access?) either way.

Win for me… :slight_smile:

Actually… I would highly recommend the above.
Gives users on your server access to SCP / SFTP without having to setup SSL for FTP.

But does not allow SSH login!
Tested and works beautifully!