locking down sftp directory

From: "tilopa" <wgilgallon@xxxxxxxxx>
Date: 22 Sep 2006 17:36:06 -0700

I just installed and configured Cygwin SSH on a Windows2003 DC. We want
to have external clients be able to sftp into this server and be able
to upload and download files from a single particular directory. But
when I test this functionality I can connect to the server and am
dumped into the correct dirctory but I can then uplevel to the cygwin
root directory and have access to everything there. I have searched
quite a bit for a solution and have found nothing, except for
references to chroot which apparently can only be configured on a pure
unix machine. It is puzzleing to me that more businesses would not need
this functionality, and what is the point of secure ftp if you cannot
lock your users into there home directory. Does anyone know of a better
free solution?
My passwd file looks like this:

sally:unused_by_nt/2000/xp:11118:10513:sally,U-DSDNET\sally,S-1-5-21-838629778-670936772-3974172153-1118:
/data:/usr/sbin/sftp-server

Thanks.

.

Follow-Ups:
- Re: locking down sftp directory
  - From: Thomas Samson
- Re: locking down sftp directory
  - From: Todd H.

Prev by Date: Re: allow login from specific address
Next by Date: Re: locking down sftp directory
Previous by thread: allow login from specific address
Next by thread: Re: locking down sftp directory
Index(es):
- Date
- Thread

Relevant Pages

Re: locking down sftp directory
... to have external clients be able to sftp into this server and be able ... this functionality, and what is the point of secure ftp if you cannot ... The point of secure ftp is to do secure authenticated file transmission, ...
(comp.security.ssh)
Re: Good alternative to BT2700HGV
... The functionality seems excellent but I'm ... Netgear support it only currently supports Multi-nat if you use the ... ethernet WAN port and not the internal ADSL modem. ... RDP open on one server, PPTP and SMTP on another, and some SAP ...
(uk.telecom.broadband)
Re: Good alternative to BT2700HGV
... I have a multi IP business package from BT and have been using the ... The functionality seems excellent but I'm ... ethernet WAN port and not the internal ADSL modem. ... RDP open on one server, PPTP and SMTP on another, and some SAP ...
(uk.telecom.broadband)
Re: Architectural feedback
... > bank branches absolutely must be able to function with a failed server (or ... This means a lot of functionality is duplicated on ... >> core app must reside on the client or may be run from the server. ...
(microsoft.public.dotnet.general)
RE: Are you truly a M$ desktop alternative?
... to run a kickarse Microsft 2K3 server Terminal Server, ... This email is going to any Linux house whom has pitched themselves via ... integration and functionality? ... The cost difference is obvious. ...
(freebsd-questions)