[Ricardo Mones] > Two: harden filesystem permissions (don't make homes readable to all > for example) or chroot users to their home upon connection. The second answer is interesting, but incomplete. How do you tell ssh to chroot users upon connection? I have done this with a custom shell for anonymous cvs, using a procedure documented by (I think) openbsd. But how do you do it for sftp? sftp does not invoke a shell. Peter
Attachment:
signature.asc
Description: Digital signature