sharing resources yes – but allowing anyone to access all files – and be it only in read mode – of your operating system – sounds adventurous.
so you might want people to be able to securely up nad download files via sftp (is basically ssh) to their home directories – but not „escape“ from there and list /home or / or even access other people’s home directories.
this can be done by
1. limiting ssh for certain users to sftp only
2. make user chroot into their home
tail -f /var/log/auth.log
vim /etc/ssh/sshd_config; # open up main sshd service config file
# add those lines
Match User user
ESC :wq # save changes and quit
service ssh restart; # restart ssh service so changes take effect
chown root:root /home/user/; # otherwise chroot complains fatal: bad ownership or modes for chroot directory "/home/user"
chmod 755 /home/user/; #
# but: this will run you into "Could not update ICEauthority file /home/user/.ICEauthority"
# if you are running gnome2 with xauth on the server (probably not :-D except if it's an test-server)
# per default user rights are like this:
# the user user has it's own group users and completely owns this directory
drwxr-xr-x 24 user user 4.0K May 11 10:05 user
# fixed the problem
# 1. make root own all user directories
# 2. but at the same time give the user's own group write access to user's home directory
root@debian:~# chown root:user /home/user
root@debian:~# chmod g+w /home/user
now your users should be able to connecto to your server and sftp-up and download stuff. but not be able to leave their home-directories e.g. with the very very exellent – best ssh client on the planet: mobaXterm – rock on! 🙂