To those needing the functionality of rssh, I needed an sftp server
which would *only* allow file access via sftp, and *only* to files
within a virtual filesystem root.  Not finding anything which easily
satisfied my requirements, and knowing that trying to sufficiently
blacklist a permissive-by-default system like openssh is futile, I
wrote my own, on top of python's Twisted module.  It requires
whitelisting (and implementing) features that you want, with no
ability to do things you don't give it (the public repo lacks any
shell support, for example, though I have added one in some
deployments), and is quite primitive (silently ignores file attribute
setting, doesn't support making symlinks or extensions), but it *does*
work quite nicely for sftp / sshfs use.  As it is implemented in pure
python, the performance is somewhere around 10% of openssh, so don't
expect it to handle heavy loads well.  By default it only supports rsa
keys, but I have used it with ecdsa.

In general, twisted's protocol support is excellent, so with a bit of
python knowledge you can adapt it to nearly anything you want.  scp
and rsync are probably out of easy reach, as they normally run a
client program on the destination, which would either break the
sandbox or have to be dummied within the python virtual filesystem.
The latter is the *correct* approach, but is likely more work than is
worth doing.  I have used it with git by first mounting via sshfs;
native git+ssh support is probably possible, but again would require a
fair bit of work.

Anyway, you can find the code at
https://github.com/lp-programming/WorkflowUpload/
As the project name implies, I use it for uploading github build
artifacts to offsite storage.

Regards,
Logan


_______________________________________________
rssh-discuss mailing list
rssh-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rssh-discuss
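
The default-deny design described in the message above (only implemented operations, only paths under a virtual root), sketched as an added example; this is not code from WorkflowUpload or Twisted. The operation names and the `VirtualRoot` class are hypothetical, and the directory tree is constructed for the demo.

```python
import os
import posixpath
import tempfile

# Hypothetical operation names; anything not listed is refused (default deny).
ALLOWED_OPS = frozenset({"open", "list", "stat", "remove", "rename", "mkdir"})

class VirtualRoot:
    def __init__(self, root):
        self.root = os.path.realpath(root)

    def resolve(self, client_path):
        """Map a client-supplied path to a real path inside the root."""
        if "\0" in client_path:
            raise PermissionError("NUL byte in path")
        # Anchor the path at the virtual "/" so leading ".." collapses there.
        virtual = posixpath.normpath("/" + client_path)
        candidate = os.path.join(self.root, virtual.lstrip("/"))
        # realpath follows symlinks already on disk, so a link that points
        # outside the root is caught by the containment check below.
        real = os.path.realpath(candidate)
        if real != self.root and not real.startswith(self.root + os.sep):
            raise PermissionError(f"path escapes virtual root: {client_path!r}")
        return real

    def authorize(self, op, client_path):
        if op not in ALLOWED_OPS:
            raise PermissionError(f"operation not implemented: {op}")
        return self.resolve(client_path)

def demo():
    """Run constructed requests against a throwaway directory tree."""
    with tempfile.TemporaryDirectory() as base:
        root, outside = os.path.join(base, "root"), os.path.join(base, "outside")
        os.makedirs(os.path.join(root, "builds"))
        os.makedirs(outside)
        os.symlink(outside, os.path.join(root, "escape"))  # planted link
        vfs = VirtualRoot(root)
        requests = [("open", "builds/app.tar.gz"), ("stat", "../../etc/passwd"),
                    ("open", "escape/key"), ("symlink", "builds/x"), ("list", "/")]
        results = []
        for op, path in requests:
            try:
                real = vfs.authorize(op, path)
                results.append((op, path, os.path.relpath(real, vfs.root)))
            except PermissionError:
                results.append((op, path, "DENIED"))
        return results
```

The containment check holds only while the tree is unchanged between `resolve` and the actual open; a server that lets clients create symlinks inside the root would need to open relative to a directory descriptor instead.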