Feature request/RFC: sftp-chroot authorized_keys option
Andreas Rottmann
mail at rotty.xx.vu
Wed Jul 22 08:29:17 AEST 2015
Hi!
[ If this is the wrong mailing list for such requests, please accept my
apologies and direct me to the right one ]
Since I have a particular use case for it[0], I wonder if it would be
possible to implement a key based (i.e. configured via
~/.ssh/authorized_keys option) restriction to allow sftp access to a
specific directory only. I'm aware that I can restrict a specific key to
use sftp only using 'command="internal-sftp"', but I want to impose an
additional restriction to a specific directory, e.g. by adding
'sftp-chroot="/some/directory"'. This is already possible on a per-user
basis in sshd_config using ChrootDirectory, but my question is:
- Would it be possible to implement this feature on a per-key basis
within the current architecture of OpenSSH (i.e. without major tweaks
to the codebase)?
- If so, is this a feature that would be considered worthwhile enough to
be considered for inclusion, should someone step up and provide a
reasonable implementation?
If the answer is no to either of the above questions, I'd like to hear
that reasoning as well, of course.
If that feature is deemed both implementable (without affecting the
OpenSSH architecture) and worthwhile, I might try my hand at it,
although note that I'm both a newbie to the OpenSSH project's
development, and would do this in my spare time, thus it'd probably take
a while, and require (quite?) a bit of steering/review.
If anyone has ideas (e.g. areas of code that would require changes) of
how that feature can/should be implemented, or would like to implement
it themselves, I'm all ears :-).
[0] For the specific use case I mentioned: I'd like for my mobile device
to have SFTP access, restricted to a specific directory on my
server. It should have access using my regular account, such that
access permissions between my regular shell account and the files
created by the mobile device are compatible.
Currently I solve this use case using a combination of access via
WebDAV and POSIX ACLs, but I'd prefer an SSH-based solution for its
stronger authentication/crypto, not requiring ACLs, and avoiding
UIDs differing between files created by the WebDAV httpd and the
shell account.
Regards, Rotty
--
Andreas Rottmann -- <http://rotty.xx.vu/>
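
Added example, not part of the original message and not OpenSSH code: a small Python audit of an authorized_keys file that parses each key's options field and reports which keys are limited by command="internal-sftp". The key blobs are constructed placeholders, and sftp-chroot is the option proposed in the message above, treated here as hypothetical.

```python
import re

KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")
# One option: name, optional ="value" (\" escapes a quote), then ',' or whitespace.
OPTION = re.compile(r'([A-Za-z0-9-]+)(?:="((?:\\"|[^"])*)")?(,|\s+)')

# Constructed sample; key blobs are placeholders, not real keys.
SAMPLE = '''\
ssh-ed25519 AAAAC3PLACEHOLDER1 laptop
command="internal-sftp",no-port-forwarding ssh-ed25519 AAAAC3PLACEHOLDER2 tablet
command="internal-sftp",sftp-chroot="/some/directory" ssh-ed25519 AAAAC3PLACEHOLDER3 phone
'''

def split_options(line):
    """Return (options, rest) where rest is 'keytype blob [comment]'."""
    line = line.strip()
    opts, pos = {}, 0
    if line.startswith(KEY_PREFIXES):
        return opts, line  # line has no options field
    while True:
        m = OPTION.match(line, pos)
        if not m:
            raise ValueError("malformed options field")
        name, value, sep = m.groups()
        # Option names are case-insensitive; flag options have no value.
        opts[name.lower()] = True if value is None else value.replace('\\"', '"')
        pos = m.end()
        if sep != ",":  # whitespace ends the options field
            return opts, line[pos:]

def audit(text):
    """Per key: is it limited to internal-sftp, and is a directory requested?"""
    report = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        opts, rest = split_options(line)
        fields = rest.split(None, 2)
        report.append({
            "key": fields[2] if len(fields) > 2 else "",
            "sftp_only": opts.get("command") == "internal-sftp",
            "chroot": opts.get("sftp-chroot"),  # proposed option, hypothetical
        })
    return report

if __name__ == "__main__":
    for entry in audit(SAMPLE):
        print(entry)
```

A key reported with sftp_only set and no directory restriction can still reach every path the account can, which is the gap the request describes.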