Re: sftp with chroot?

To: debian-user@lists.debian.org
Subject: Re: sftp with chroot?
From: Xavier <_xavier_@laposte.net>
Date: Sun, 02 Aug 2009 15:24:16 +0200
Message-id: <[🔎] h54420$232$1@ger.gmane.org>
References: <[🔎] 822650.77861.qm@web111615.mail.gq1.yahoo.com>

Eugene Apolinary wrote:
> I want to make an sftp server....
> 
> - Only an sftp server
> - Some users may log in by ssh (with openssh-server), some users can only
> use sftp - Important! - Chroot! Users using sftp must only see e.g.: their
> home directory, or better: a folder in it. - Under Debian Lenny
> 
> Is there any good, secure solution? At least links to howtos? :S

Have a look at the keyword ChrootDirectory in man sshd_config.

On my server, I have two groups for users: sshusers and sftpusers.
In my /etc/ssh/sshd_config file, I have only:
[...]
Subsystem sftp internal-sftp

AllowGroups sshusers sftpusers

# Chroot for sftp users
Match Group sftpusers
        ChrootDirectory /home/sftp
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp
[...]

See also: http://www.debian-administration.org/articles/590

Xavier

Reply to:

References:
- sftp with chroot?
  - From: Eugene Apolinary <eugeneapolinary80@yahoo.com>

Prev by Date: Re: using mplayer instead of flash plugin for Iceweasel
Next by Date: Re: HOWTO enhance Debian by removing HAL
Previous by thread: Re: sftp with chroot?
Next by thread: Re: java-gcj installation bug
Index(es):
- Date
- Thread