Login Get Started
Hostxpeed
Login Get Started →
Server Management

How to Set Up Jailed Shell

5 min read
25 views
Jun 12, 2026

Prerequisites

Before setting up a jailed shell, make sure you have:

  • SSH access to your VPS
  • Root or sudo privileges

Method 1: Restricted Bash (rbash)

Restricted bash prevents the user from using certain commands like cd, changing PATH, or running programs not in allowed directories.

Connect to your VPS:

ssh hxroot@YOUR_SERVER_IP -p 22

Create user with rbash:

sudo useradd -m -s /bin/rbash restricteduser

Set password:

sudo passwd restricteduser

Create allowed commands directory:

sudo mkdir /home/restricteduser/bin
sudo ln -s /bin/ls /home/restricteduser/bin/ls
sudo ln -s /bin/echo /home/restricteduser/bin/echo

Set PATH for user:

echo "PATH=$HOME/bin" | sudo tee -a /home/restricteduser/.bashrc

Result: user can only run ls and echo.

Method 2: Chroot Jail (Complete Filesystem Isolation)

Create minimal chroot environment:

sudo mkdir -p /jail/{bin,lib,lib64,etc,home,dev}
sudo cp /bin/bash /jail/bin/
sudo cp /bin/ls /jail/bin/
sudo cp /bin/echo /jail/bin/

Copy required libraries:

ldd /bin/bash | grep "=> /" | awk "{print $3}" | xargs -I {} sudo cp {} /jail/lib/
ldd /bin/ls | grep "=> /" | awk "{print $3}" | xargs -I {} sudo cp {} /jail/lib/

Create user:

sudo useradd -d /home/jailuser jailuser

Move user's home into jail:

sudo mkdir -p /jail/home/jailuser
sudo chown jailuser:jailuser /jail/home/jailuser
sudo usermod -d /home/jailuser jailuser

Edit /etc/ssh/sshd_config:

Match User jailuser
    ChrootDirectory /jail
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand /bin/bash

Restart SSH:

sudo systemctl restart sshd

Method 3: Using lshell (Limited Shell)

Install lshell:

sudo apt install lshell -y

Create user with lshell:

sudo useradd -m -s /usr/bin/lshell lshelluser

Configure lshell:

sudo nano /etc/lshell.conf

Add:

[lshelluser]
allowed = ["ls", "pwd", "echo", "cat"]
path = ["/home/lshelluser", "/tmp"]
home_path = "/home/lshelluser"

Test Jailed Shell

SSH as the restricted user:

ssh restricteduser@YOUR_VPS_IP

Try commands outside allowed list – they should fail.

✅ Jailed shell configured. Users are restricted to a limited set of commands and directories.

Was this article helpful?