Hi,
I'm setting up a 'chrooted' SFTP only set of users:
/etc/make.conf:
.if ${.CURDIR:M*/usr/ports/security/openssh-portable*}
WITH_SUID_SSH =yes
WITH_OPENSSH_CHROOT =yes
WITH_HPN =yes
WITH_OVERWRITE_BASE =yes
.endif
/etc/rc.conf:
sshd_enable=NO
openssh_enable
On Tue, Mar 11, 2008 at 06:08:44PM -0400, Philip M. Gollucci wrote:
Hi,
I'm setting up a 'chrooted' SFTP only set of users:
/etc/make.conf:
.if ${.CURDIR:M*/usr/ports/security/openssh-portable*}
WITH_SUID_SSH =yes
WITH_OPENSSH_CHROOT =yes
WITH_HPN =yes
user:*:3000:3000::0:0:F L:/foo/./user:/bin/sh
The usual thing is make the shell /bin/nologin
Hi Jerry, Thanks -- but
Changed to /usr/sbin/nologin
So thats not in the 'chroot' aka /foo/user/usr/sbin/nologin
$ sftp -v -v -v [EMAIL PROTECTED]
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23
On Tue, Mar 11, 2008 at 06:26:51PM -0400, Philip M. Gollucci wrote:
user:*:3000:3000::0:0:F L:/foo/./user:/bin/sh
The usual thing is make the shell /bin/nologin
Hi Jerry, Thanks -- but
Changed to /usr/sbin/nologin
So thats not in the 'chroot' aka /foo/user/usr/sbin/nologin
Well, you can