Re: sftp virtual root directory
Zitiere staf wagemakers <staf.wagemakers@belgacom.net>:
> > Is there any way I can configure a virtual root via sftp (not scp, as
> this
> > requires interactive login capability (it does, doesn't it?)) so that
> when
> > they login with an sftp client, the sftp-server recognizes the
> username/pass
> > and directs them to their personal little piece of www-space?
> >
> > I run Debian 3.0-something with kernel 2.4.18 and ssh -V gives:
> > OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3, SSH protocols 1.5/2.0,
> OpenSSL
> > 0x0090603f
> >
>
> Take a look at scponly ( http://freshmeat.net/projects/scponly ), I
> never used it myself, but it seems to be the missing piece of SSH.
hi.
as i have searched the web for a similar topic and have found nothing (yet),
i'd like to add another question:
"scponly" seems to be a simple shell-substitution.
thus all users that are given /usr/bin/scponly as shell will have only very
limited access to a server. (e.g: using "ssh")
now, i want my users to use "ssh" for logging into my machines.
"sftp" should be used as a replacement for "ftp".
now i want all users of "sftp" to have a restricted access (to be precise: i
want a root-jail like it is provided by (pro)ftp))
however, when a user is smart enough to now about the joys of "ssh", s/he
should be able to login using the secure-shell, without any restrictions
(provided by the shell; e.g: no root-jail should be made,...)
is this possible ?
probably with pam ? but i guess ssh and sftp appear to be the very same from
the PAM-side. is this true ?
mfg.ca.ats
IOhannes
Reply to: