chroot'd SFTP
Richard Storm
storm.richard at gmail.com
Sun Jul 29 07:46:13 EST 2007
Thanks for these 3rd party hacks! I don't trust them.
There must be such feature in openssh out of box.
So the most secure/easyer method of giving sftp access to porn collection is:
Damiens sftp-server chroot patch, which I hope to see in openssh one day :)
http://marc.info/?l=openssh-unix-dev&m=116043792120525&w=2
# useradd -d /data/p0rn -m share
/etc/ssh/sshd_config:
Match user share
X11Forwarding no
AllowTCPForwarding no
ForceCommand /usr/libexec/sftp-server -C %d
pkill sshd; /usr/sbin/sshd
and done :)
On 7/28/07, Peter SJF Bance <Minstrel at minstrel.org.uk> wrote:
> Hi,
>
> I noticed your post at:
>
> http://www.gossamer-threads.com/lists/openssh/dev/40355
>
> I don't subscribe to the list, so can't reply there, but this may help:
>
> http://www.minstrel.org.uk/papers/sftp/
>
> This discusses how to set up chroot'd SFTP only (no shell).
>
> --
> Peter SJF Bance
> http://www.minstrel.org.uk/
>
More information about the openssh-unix-dev
mailing list