On Mon, Feb 23, 2009 at 07:33:23PM +0100, Jean-Francois wrote: > Hello, > > If I understand this will chroot any user. Am I correct ? > - Is root chrroted as well ?
Don't scp or SSH in as root. Use a regular account and sudo, or at least the root password. > - Is it possible to chrrot only some users ? I don't believe so. You could look at scponly, it can chroot users. It's an add-on shell, not in ports, has not been audited by OpenBSD, etc. YMMV. > I am afraid that is I do this then all users will be chrooted and I > won't be able to turn this back since I will not have access to /etc. Run a separate sshd instance on a different port, with -p. Test the changes there. ==ml > > Line to be changed in sshd_config : > #ChrootDirectory none > > Thanks > JF > > Le lundi 23 fC)vrier 2009 C 19:07 +0100, Floor Terra a C)crit : > > See sshd_config(5) and search for ChrootDirectory. > > > > Floor > > > > On Feb 23, 2009 6:24 PM, "Jean-Francois" > > <[email protected]> wrote: > > > > Hi All, > > > > As far as I understand, the sftp service is always running > > since it is > > the ssh daemon (maybe one can correct me if I'm wrong). > > Hence I need to chroot some users to specific directories. > > I prefer not to use vsftp at present time if this feature is > > available > > with sftp of OpenBSD. > > > > One can help me ? > > > > Thank you; > > JF -- Michael W. Lucas [email protected], [email protected] http://www.BlackHelicopters.org/~mwlucas/ "My pessimism extends to the point of even suspecting the sincerity of the pessimists." -- Jean Rostand, French biologist and philosopher
