How do I create an SSH account which restricts a user to a single directory?

I have several SVN repos on a linux server. I want to provide a client with direct access to the server so they can run SVN updates on their files. However, I do not want them to see or have access to any other directories on the site (i.e. other client's site files).

For instance, I want to create an account which allows user,  "siteadmin",  to access the "" files. When they connect to the server, I want to restrict their access to only this folder: /var/www/html/sites/adminsite_files/

Is there a way to do this (similar to restricting access on an FTP account)?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bearclaws75Author Commented:
This looks like a promising script, however, I am not understanding the instructions.

To create a new chrooted account:
# <Username> /path/to/chroot-shell /path/to/jail

I'm not sure what to use as the "/path/tochroot-shell/". What is the "chroot-shell"?

Also, the script creates the <username> but it does not seem to create a password for this user. Does that need to be set later?

the page says that the last two are options. by default 2nd argument assume /bin/chroot-shell and the 3rd assume /home/jail

looking at the script, it seams that it prompts for password
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Can you explain why you want to do this?  Maybe there is a better approach...
there is an ssh patch that can restrict users to their "home directory" so then you could just redefine the users home dir to something other than /home/<user>
bearclaws75Author Commented:
omarfarid --> i understand that command allows for options. I just don't know what path would be used here: "/path/tochroot-shell/".

arrkerr1024 --> I am doing this because I want to give server access to a 3rd party developer so that he can run "svn updates" on the working copy of his site. However, I do not want to give him root access or allow him to browse around the server (which contains files for other client sites). I want to restrict his access so that when he logs in, he will be isolated to this directory (/var/www/html/sites/adminsite_files/) ...and won't be able to navigate to other parent directories.

Rance_Hall --> can you explain what you mean by "SSH patch"?

Thanks for all of your help.
when you compile software from source, you can edit the source before you compile/install it so that it does more what you want to, instead of what the original author wrote.

Some of these "changes" become very popular and other people want to do the same thing, so a "patch" is created that has all the needed changes to add the new feature.

download the source, patch the source with the patch file, and when you compile/install you get the new feature.

Now if you arent comfortable with this idea, you have a couple of options the script referenced here does work, but its overkill if you can get the patch to work.

the other idea is that you can contact the maintainer of the sshd package for your distro, and ask if the "sshd chroot" patch is already applied, or if it can be.

you don't have to specify if you do not know the actual path
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.