[PATCH] sftp-server Restricted Access
Damien Miller
djm at mindrot.org
Sun Jun 25 09:54:54 EST 2006
Julien Demoor wrote:
> Hello,
>
> This patch makes it possible to restrict sftp sessions to a certain
> subtree of the file system on a per-Unix account basis.
There has been a similar patch in bugzilla for a while:
http://bugzilla.mindrot.org/attachment.cgi?id=586
I'm looking at adding the ability to specify commandline arguments to
SubSystem declarations in sshd_config, but it is a little fiddly as any
change has to gracefully cope with forced commands in authorized_keys
files as well as the fairly common practice of making sftp-only accounts
by making sftp-server the user's login shell.
It will be easier when Darren's "Match" stuff is done, because we can
reuse it to do forced-commands in sshd_config.
-d
More information about the openssh-unix-dev
mailing list