[scponly] Re: Winscp and scponlyc
Amaya Rodrigo Sastre
arodrigo at genasys.com
Tue Jan 13 10:13:36 EST 2004
Lasse J. Kolb dijo:
> So I guess .. the problem is more the chroot-part, than the
> sftp-protocol.
The debian package has a setup file for chroot enviroments:
arodrigo at onix>cp /usr/share/doc/scponly/setup_chroot.sh.gz .
arodrigo at onix>gunzip setup_chroot.sh.gz
arodrigo at onix>chmod +x setup_chroot.sh
arodrigo at onix>sudo setup_chroot.sh
Next we need to set the home directory for this scponly user.
please note that the user's home directory MUST NOT be writable
by the scponly user. this is important so that the scponly user
cannot subvert the .ssh configuration parameters.
for this reason, an "incoming" subdirectory will be created that
the scponly user can write into. if you want the scponly user to
automatically change to this incoming subdirectory upon login, you
can specify this when you specify the user's home directory as
follows:
set the home dir to /chroot_path//incoming
when scponly chroots, it will only chroot to chroot_path and
afterwards, it will chdir to incoming.
enter the home directory you wish to set for this user:
etc...
Have you done that?
--
"Pay no attention to the man behind the curtain." -- The Wizard Of Oz
Amaya M. Rodrigo Sastre Genasys II Spain, S.A.U.
Mobile Location Systems IT SysAdmin Ventura de la Vega, 5.
Phone: +34913649100 Fax: +34913649119 28014 Madrid. Spain.
More information about the scponly
mailing list