Even more secure FTP?

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Sat Dec 16 04:07:39 EST 2000


On Fri, 15 Dec 2000, Peter van der Landen wrote:

> I want to allow technically unsophisticated users to update their web pages
> without having to resort to running something like wu-ftpd on my system.
> SFTPD is a great solution for that since even a casual user can understand
> it's user interface (The Win32 scp client is not an acceptable solution in
> this case).
> 
> SFTPD still leaves me with a few items on my wishlist that could be solved
> on the server side:
> 
> - I would prefer it if some users would be limited to SFTP access and not be
> allowed ssh interactive access or scp. (this is similar to Jos Backus'
> request posted earlier on this list).
> 
> - It would be great if a user using SFTP could (optionally and configurable
> per user) be chrooted to his homedirectory (or some other directory).
> 
Have you tried the contrib/chroot.diff ?  This would at least limit users
to their home directories.  Unsure if anyone has testested it with
SFTP.  I would but I'm kinda booked up until Monday for anything remotely
related to 'playing'.

- Ben






More information about the openssh-unix-dev mailing list