Thanks for the suggestion. I intend to study about this possible solution but to save time I'd like to ask you some questions.
With this software, can I control which accounts "from the unix passwd file" will be able to log in? If there is a symbolic link in the home directory(jail/chroot) that point to anywhere out of it, will the users be able to use this symlink? Will they go out from their jail/chroot directory this way? Derek Ragona wrote: > At 10:28 AM 4/10/2007, Thiago Esteves de Oliveira wrote: >>Hello, >>I want to use the chroot/jail mechanism in user's ssh and sftp >>connections. I've read some >>tutorials and possible solutions to jail/chroot the users into their own home >>directories. One is >>to install the openssh-portable(with chroot option turned on) from the ports >>collection. I've installed the openssh-portable, but the jail/chroot mechanism didn't work. I think it requires some configuration in its sshd_config file, but I'm not sure because I have found nothing about jail/chroot in the openssh(sshd_config) man pages. > > I have implemented a similar setup using vsftpd from the ports. It works > well for secure ftp when used with the filezilla client. You can limit the ftp command in the vsftpd configuration file so users cannot get out of their home directories, which chroots them there. You do need to add one thing to the accounts, which is to change their home directory in /etc/passwd adding an additional dot. For instance if a users home directory is: > /home/user > > You'd need to change it to: > /home/./user > > vsftpd is well documented and relatively easy to get setup and running. > > -Derek > _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"