Skip navigation

HT5586: About Apple Remote Desktop Client 3.6.2

Learn about About Apple Remote Desktop Client 3.6.2

HT5586 Is it possible to limit remote access to the Web Server and SFTP portions of OS X Sever Mountain Lion?

477 Views 2 Replies Latest reply: Feb 28, 2014 2:20 PM by sibr RSS
Gary MBS Calculating status...
Currently Being Moderated
Apr 24, 2013 12:00 PM

Is it possible to limit remote access to the Web Server and SFTP portions of OS X Sever Mountain Lion?

MacBook Pro, OS X Mountain Lion (10.8.1)
  • TeenTitan Level 4 Level 4 (2,410 points)

    is the server acting as the router/dhcp server?

     

    or is the server behind a router?

  • sibr Calculating status...

    Looking into this myself. It looks like using the sshd ChrootDirectory will do this. From man sshd_config:

     

    ChrootDirectory

                 Specifies a path to chroot(2) to after authentication.  This path, and all its components, must be root-owned directories that are not writable by any other user or group.

     

                 The path may contain the following tokens that are expanded at runtime once the connecting user has been authenticated: %% is replaced by a literal '%', %h is replaced by the home directory of the

                 user being authenticated, and %u is replaced by the username of that user.

     

                 The ChrootDirectory must contain the necessary files and directories to support the users' session.  For an interactive session this requires at least a shell, typically sh(1), and basic /dev

                 nodes such as null(4), zero(4), stdin(4), stdout(4), stderr(4), arandom(4) and tty(4) devices.  For file transfer sessions using ``sftp'', no additional configuration of the environment is neces-

                 sary if the in-process sftp server is used (see Subsystem for details).

     

                 The default is not to chroot(2).

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.