Re: openssh: Enabling sftp, but disabling ssh?
- From: Benjamin Donnachie <benjamin@xxxxxxxxxxxxx>
- Date: Sat, 09 Sep 2006 19:07:25 +0100
Derek Martin wrote:
I will say I wrote rssh in part because I thought Joe's approach to
scponly was more complicated and hard to audit
I did stop using rssh as whenever I tried to access ~ on the remote end
it would cause an error message that /chroot/home/user didn't exist;
which, of course, it doesn't from within the chroot. Whereas scponly
would reject ~ with an error regarding wildcards, which was less
confusing for users.
However! This thread has just made me realise that a symlink inside the
chroot linking /chroot/chroot to /chroot (Or rather chroot to . within
/chroot) means that rssh works perfectly again! So I've gone back to
using it again! :)
I did consider modifying rssh so that it substitutes the user's home
path from the chroot's passwd file for ~ but that may not be appropriate
for all circumstances and the symlink is easy enough to implement.
- Prev by Date: Re: SSH key authentication - can only login as root
- Next by Date: One account with multiple keys -- which one was used?
- Previous by thread: Re: openssh: Enabling sftp, but disabling ssh?
- Next by thread: Re: openssh: Enabling sftp, but disabling ssh?