using OpenSSH/SFTP to replace an FTP server securely

IMAP List Administration lists at
Wed May 21 00:33:27 EST 2014

I thank everyone for their helpful suggestions.

On 05/20/2014 09:32 AM, Damien Miller wrote:
> On Mon, 19 May 2014, ?ngel Gonz?lez wrote:
>> If you want something different, like chrooting them at /chrooted-users/foo,
>> you
>> can use -d parameter in the ForceCommand, ie.
>>  ForceCommand internal-sftp -d /%u
> If you're willing to live with a single chroot directory and file
> permissions to keep users from each others' files then this is a great
> solution. It only requires a single /chrooted-users/dev/log listener
> too.

Indeed, I am willing.  I was just pulling my hair out because sshd wasn't
chdir'ing into the home directory, and the "-d" option didn't work either.
Eventually it occurred to me that v5.3 might not have that stuff, so I had a
look in the source, and indeed, it's not there.

I got v6.6p1 and compiled/installed it, and now sshd changes to the home
directory after doing the chroot.  Much better.

Thanks again for the help.



More information about the openssh-unix-dev mailing list