Re: sftp with chroot?
Eugene Apolinary wrote:
> I want to make an sftp server....
>
> - Only an sftp server
> - Some users may log in by ssh (with openssh-server), some users can only
> use sftp - Important! - Chroot! Users using sftp must only see e.g.: their
> home directory, or better: a folder in it. - Under Debian Lenny
>
> Is there any good, secure solution? At least links to howtos? :S
Have a look at the keyword ChrootDirectory in man sshd_config.
On my server, I have two groups for users: sshusers and sftpusers.
In my /etc/ssh/sshd_config file, I have only:
[...]
Subsystem sftp internal-sftp
AllowGroups sshusers sftpusers
# Chroot for sftp users
Match Group sftpusers
ChrootDirectory /home/sftp
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
[...]
See also: http://www.debian-administration.org/articles/590
Xavier
Reply to: