How to prevent ssh client to access/view a specific folder

nakbi

1/28/23, 9:54 AM

Using the SSH opened port, it was possible to verify the folders and the files present, under the directory /usr/share/SecretFolder They are exposed without authentication. My question it's possible to forbid interaction with them. or to hide this folder. It's possible to configure that in the Makefile of OpenSSH. Anyway, I need a solution.

0 + 0

ssh

openssh

Jos

1/28/23, 9:59 AM

The SSH user wouldn't be able to use any of the files and libraries under `/usr/share` which are needed by a command or an executable. So you would need to severely restrict the tasks the SSH user is supposed to execute, which would make SSH not a useful tool for the purpose.

raj

1/28/23, 10:13 AM

Please clarify what do you exactly want to do. 1) For what user(s) do you want the folder to be inaccessible? 2) Do you want the folder and it's contents to be completely inaccessible or do you wan't that the user won't be able to **list** the folder contents, but still be able to access the files inside it? 3) It would be helpful if you describe more **why** do you want to hide the folder at all. Maybe there's a different (and better) method to achieve your goal. Please edit your question and specify more details.

nakbi

1/28/23, 10:20 AM

I'm using OpenWrt, to generate the router firmware. the content of this folder is the GUI source files (.html files). For security reasons, I want that any user (admin...) won't be able to list/copy/edit/delete the folder content, during ssh session.

pLumo

1/28/23, 10:28 AM

I doubt this is possible. Anyways, OpenWrt is not Ubuntu and off-topic here.

nakbi

1/28/23, 10:33 AM

But OpenWrt is based on Linux operating system

raj

1/28/23, 10:37 AM

Yes, OpenWRT is based on Linux, but not on Ubuntu. This site is dedicated to Ubuntu only. Try asking on Unix&Linux site: https://unix.stackexchange.com/ .

raj

1/28/23, 10:39 AM

If you want the folder to be inaccessible to any user **except root**, then make it owned by root and remove all permissions for "group" and "others" (`drwx------`). If you want to make it inaccessible for root as well, this is not possible.

nakbi

1/28/23, 10:43 AM

Thanks, I will try that.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to prevent ssh client to access/view a specific folder

TH: วิธีป้องกันไม่ให้ไคลเอ็นต์ ssh เข้าถึง/ดูโฟลเดอร์เฉพาะ

RO: Cum să împiedicați clientul ssh să acceseze/vizeze un anumit folder

RU: Как запретить ssh-клиенту доступ/просмотр определенной папки

VI: Cách ngăn máy khách ssh truy cập/xem một thư mục cụ thể

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.