keypair auth and limiting access to sftp

James Ralston qralston+ml.openssh-unix-dev at andrew.cmu.edu
Wed Sep 19 16:17:31 EST 2001


On Tue, 18 Sep 2001, Markus Friedl wrote:

> On Mon, Sep 17, 2001 at 05:06:42PM -0400, James Ralston wrote:
>
> > Making sftp inaccessable to chroot'ed accounts is certainly one
> > way to prevent chroot'ed accounts from using sftp to break out of
> > their chroot jails, yes.
>
> how is this related to command="xxx" ?

It isn't, really; Peter was addressing a different issue (that sftp
bypassed command="xxx" restrictions)...

-- 
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA




More information about the openssh-unix-dev mailing list