It would be soo much easier just to setuid sftp-server and chroot() at that level.. One does not need to add the complexity and unmanagability of a full chroot() environment.
There are patches to do this on the OpenSSH-Dev list. - Ben On Sun, 14 Oct 2001, Alex Kramarov wrote: > Hello. > > After a few hours I was able to setup a chrooted sftp system, and write a > short howto, since i couldn't find any : > > http://mail.incredimail.com/sftp-chroot.html > > > I would like to get comments and advice, especially about 2 things : > > 1. is it possible to compile sftp-server with staticly linked libraries - > configure doesn't seem to have this option. > > 2. I have put the sftp-server binary as the shell for the users of the > server. I don't want to pur bash into the chroot jail, and I don't want to > use ssh's ssh_dummy_shell, cause it's not free. Is it dangerous to expose > sftp-server as a shell to my users, so they couldn't login interactively > into the system ? > > 3. a remark - the ./contrib/chroot.diff doesn't work with the latest > version, the file to patch has changed too much for patch to success here, i > had to go to the source and insert the patch manually. > > Thank you. > > Alex. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
