Lock user in home [solved]



  • Dear community.

    I have a user account on pfsense that needs to copy files dropped in his home directory via sftp.

    I created a new user in the webGUI with "User - System - Shell account access" permissions.

    However, I'd like to lock the user into that directory, so I chown'ed the home directory to root and added the following to /etc/sshd:

    
        /* Test jail settings */
        $sshconf .= "Match User test_jailed\n";
        $sshconf .= "\tChrootDirectory /home/bupo\n";
        $sshconf .= "\tForceCommand internal-sftp\n";
    
    

    This works like a charm, but for obvious reasons is cumbersome (I'd like not to edit the sshd php file every time).
    Is there a way to do this from the webGUI or at least a way to specify extra lines for sshd_config?
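
An added example, not part of the original post or of pfSense's code: because the jail lines live in a hand-edited generator file, a small Python check can be run over a copy of the generated sshd_config to confirm the account's Match block is still present and SFTP-only. The function names and the forwarding requirements are this example's assumptions, and options set globally outside the Match block are not considered.

```python
# Constructed sample: the block the post's PHP lines write into sshd_config.
SAMPLE = (
    "Match User test_jailed\n"
    "\tChrootDirectory /home/bupo\n"
    "\tForceCommand internal-sftp\n"
)

# Policy assumed by this example for an SFTP-only account. The keywords are
# real sshd_config options; ForceCommand alone does not disable forwarding.
REQUIRED = {"forcecommand": "internal-sftp",
            "allowtcpforwarding": "no", "x11forwarding": "no"}

def match_block(text, user):
    """Return the options of the Match block for `user` (keys lower-cased),
    or None. Simplification: only a lone 'User a,b' criterion is recognised."""
    block, inside = None, False
    for raw in text.splitlines():
        words = raw.strip().split(None, 1)
        if not words or words[0].startswith("#"):
            continue
        key = words[0].lower()
        value = words[1].strip() if len(words) > 1 else ""
        if key == "match":
            crit = value.split()
            inside = (len(crit) == 2 and crit[0].lower() == "user"
                      and user in crit[1].split(","))
            if inside and block is None:
                block = {}
        elif inside:
            block.setdefault(key, value)  # sshd keeps the first value it reads
    return block

def audit_jail(text, user):
    """Return a list of findings; an empty list means the block passed."""
    block = match_block(text, user)
    if block is None:
        return [f"no Match User block for {user}"]
    findings = []
    if not block.get("chrootdirectory"):
        findings.append("ChrootDirectory is not set")
    for key, want in REQUIRED.items():
        got = block.get(key, "unset")
        if got.lower().split()[:1] != [want]:
            findings.append(f"{key} should be '{want}', found '{got}'")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_jail(SAMPLE, "test_jailed")) or "ok")
```

Run against the block from the post, it reports the two forwarding options as unset; it returns an empty list once `AllowTcpForwarding no` and `X11Forwarding no` are added to the same Match block.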



  • I'd recommend against allowing any users shell access who wouldn't be trusted with more or less full access, even if you're chrooting and forcing sftp (though you should be reasonably safe doing that).

    That said, grep /etc/inc/ for sshd_config and you'll find where it's generated and can edit the source.



  • Well, the reason is that I'd like a backup operator to be able to pull a config.xml backup every night, which I could copy to their home directory via cron. Hence that user / service account wouldn't be entirely untrusted, but should not be able to harm the system should anything happen to the account (i.e. they shouldn't be able to modify the configuration).
    Would that be unreasonable in your opinion?

    As I said, I found the place in /etc/sshd where the /etc/ssh/sshd_config file is generated and added the lines seen in my first entry.
    But I assume there is no easier way short of developing a small package for the community to add custom lines to sshd_config, right?



  • Ah, that's much more reasonable. I expected you were using the firewall like a file server or something, that could potentially pose issues with untrusted users. But doing so for just a backup account, which I presume will run from a secure server, is very low risk with the changes you've made there.



  • Yes, of course it is. The only reason I was making sure it was a good idea was should the server for example collect configs from 20 machines and be compromised, I wouldn't want anyone to be able to do much with the credentials on the pfsense machine.

    Thanks again!



  • IMHO a safe way to automatically back up config.xml would be a useful feature in the base pfsense install.



  • Afaik, there is a backup package that does exactly that. It needs a subscription however, but I would assume that it is safe.
    A lot of companies (like mine) probably would have a problem though having their firewall configs backed up in a cloud, but for SMB or home users this might be viable.
    I don't know the pricing though.



  • There is an option with wget without using scp.
    http://doc.pfsense.org/index.php/Remote_Config_Backup

    @namezero111111:

    Afaik, there is a backup package that does exactly that. It needs a subscription however, but I would assume that it is safe.
    A lot of companies (like mine) probably would have a problem though having their firewall configs backed up in a cloud

    It encrypts the config before uploading, so we strictly store encrypted blobs, we have no readable configs. It's as safe as your encryption key is strong, plus requiring another account just to get to your encrypted configs.

