Am 2017-10-24 12:19, schrieb Adrian Jenzer:
Hi Rainer
I would if I could but external offers only FTP and SCP...
Regards Adrian
AFAIK, for scp you need a proper shell.
I've done that exactly once (chrooted ssh) and it was such a pain that I
vowed to never do it again.
The problem is that inside the chroot, you need:
- nameresolution
- a minimal passwd/shadow/group file (or ldap)
- maybe for scp, you can get away with a rather minimal device-tree -
but for actual SSH access, I needed a fairly complete device tree inside
the chroot (ttys ...).
- that was with FreeBSD 10, I never tried it with anything else (due to
its history with jails, creating functional, limited chroot-environments
is somewhat in its genes, so to speak)
Somebody sent me the link to these scripts:
https://github.com/codelibre-net/schroot
Maybe you can use those scripts - I've never tried them.
Also, there's scp-only:
https://github.com/scponly/scponly/wiki
Haven't used that in years, either.
Concern over that one seemed to be that it's "another" shell and nobody
had apparently done a thorough audit of it.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
