ProFTPD has a setting to set the default root. I use "DefaultRoot ~" to keep users inside their home directory.
At 12:51 AM 12/29/2003, you wrote:
Zitiere staf wagemakers <[EMAIL PROTECTED]>: > > Is there any way I can configure a virtual root via sftp (not scp, as > this > > requires interactive login capability (it does, doesn't it?)) so that > when > > they login with an sftp client, the sftp-server recognizes the > username/pass > > and directs them to their personal little piece of www-space? > > > > I run Debian 3.0-something with kernel 2.4.18 and ssh -V gives: > > OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3, SSH protocols 1.5/2.0, > OpenSSL > > 0x0090603f > > > > Take a look at scponly ( http://freshmeat.net/projects/scponly ), I > never used it myself, but it seems to be the missing piece of SSH.
hi.
as i have searched the web for a similar topic and have found nothing (yet), i'd like to add another question:
"scponly" seems to be a simple shell-substitution. thus all users that are given /usr/bin/scponly as shell will have only very limited access to a server. (e.g: using "ssh")
now, i want my users to use "ssh" for logging into my machines. "sftp" should be used as a replacement for "ftp". now i want all users of "sftp" to have a restricted access (to be precise: i want a root-jail like it is provided by (pro)ftp))
however, when a user is smart enough to now about the joys of "ssh", s/he should be able to login using the secure-shell, without any restrictions (provided by the shell; e.g: no root-jail should be made,...)
is this possible ?
probably with pam ? but i guess ssh and sftp appear to be the very same from the PAM-side. is this true ?
mfg.ca.ats IOhannes
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
