Sunday 9 June 2013

SFTP Chroot Setup for Group ScriptCraft Session

For the next Madlab CoderDojo I'm going to try running a group session scripting Minecraft with Javascript using ScriptCraft.  One problem with this is that there will be a room full of kids with laptops that I've never seen before who will need access to the ScriptCraft server to edit Javascript files.  My plan is to use Notepad++ for Windows and TextWrangler for Mac machines, and SFTP over to the server.  In order to restrict any potential damage I'm going to use the SSH server to enforce an SFTP chroot jail.  This is the server side of the setup...
  1. sudo adduser coderdojo
  2. sudo vi /etc/ssh/sshd_config
  3. Add the following to the end of the config file:
    Match User coderdojo
        ChrootDirectory /home/coderdojo
        AllowTCPForwarding no
        X11Forwarding no
        ForceCommand internal-sftp
  4. sudo /etc/init.d/ssh restart
  5. Finally the user's directory needs to be owned by root so:  sudo chown root:root /home/coderdojo
  6. Create a folder on the scriptcraft server for the coderdojo files:  sudo mkdir /home/coderdojo/dojo
  7. sudo chown coderdojo:coderdojo /home/coderdojo/dojo
  8. Now set up a symbolic link from the ScriptCraft plugin directory back to the coderdojo user's directory: sudo ln -s  /home/coderdojo/dojo /home/scriptcraft/bukkit/js-plugins/dojo
  9. sudo chmod a+w /home/coderdojo/dojo

With this setup in place, users can use SFTP to edit files on the ScriptCraft server that are then picked up and run by the ScriptCraft Javascript module.

The instructions I followed for this setup are on the Debian Admin site.
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)