On Sat, Oct 15, 2005 at 04:32:52PM +0200, [EMAIL PROTECTED] wrote: > Hi, > > I am currently working with one of our file servers. Users need access to the > server from where they live and so far I have been using sshd with scponly. > > I have used scponly because I don't want them to have a shell. > > The problem with the setup is that not al the users may access all the files. > So far it has been handled with chmod to the different directories but this > solution isn't working well. > > I am then currently looking at two solutions. > > 1. Continue using scponly but with chroot and then linking the directories > inside their home directories. > 2. Using vsftpd which support ssl both on login and on the data transfer > (prefered), and then using the buildin support for jailing users. Then > linking the directories inside their home directories. > > I am unsure which solution is the best, and if there perhaps is another even > better solution. > > Advice and experiences is needed :-) > > Best regards, > Rico.
Mmm, nobody seems to have replied yet. It might be worth some trial and error first. For one, symlinks can't traverse the chroot jail (which is, rather obviously, a Good Thing (tm)), and it seems you're thinking of having them do just that. Or I might be mistaken... That being said, FTP is well past the time it was designed for. OpenSSH is very stable and featurefull. Just make sure it isn't *too* featureful for what you're doing. JOachim