rsync over ssh, multiple private keys sharing same UID, chroot

Alex Bligh alex at
Wed Apr 7 05:14:57 EST 2010

I am thinking of configuring a service where multiple users have their
own private keys to do rsync over ssh. I don't want each of these
users to have their own UID. I want them each to share a UID, but
to have space on the ssh server isolated from any other user.
Let us assume that I also wish to prevent them from using any
service other than rsync.

Is this possible? Is a sensible approach to use authorized_keys2
ChrootDirectory and ForceCommand? Assuming that I only allow the
shared user to write to a specific directory in each chroot
setup (through access permissions), am I reasonably safe
security wise? Or am better off hacking rsync to do the
chroot stuff itself (as if rsync were running as a daemon).

Alex Bligh

More information about the openssh-unix-dev mailing list