Re: Need advise aobut allowing only sftp on woody
Dariush Pietrzak wrote:
>> > Can't SSH run in chroot ?
>> sorry, I made a mistake... I've meant that it allows shell login while I
>> wanted to disable it.
> Well... if you don't want shell logins you can't use hacks like scp/sftp,
> but you can use restricted shell like scponly.
> I'd recommend proftpd with tls, but it does not fullfill your
> certificate-only login ( at least the version from woody does not, there
> are quite many options there that you could check.. but you'd probably end
> up having to recompile it ), you could use some web-based system, that
> would be trivial to program around.
well, I've chosen scponly. it doesn't require upgrade of any other packages.
I've used the source from unstable, and from what I understand the security
is controlled by ssh so I guess it's allrignt.