Thanks,
I ended up using...
Match group sftponly
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
... but the ForceCommand line failed
/etc/ssh/sshd_config: line 158: Bad configuration option: ForceCommand
/etc/ssh/sshd_config line 158: Directive 'ForceCommand' is not allowed within a
Match block
...and if the user selects .. then they do go down to the root directory.
Not a jail, as such, but a definite step forward in the right direction.
Many thanks.
--
This message posted from opensolaris.org
