Brian Marshall wrote: > I have a file server that has ssh on a public IP. We've been using SCP/FTPS > over ssh to get to the server, but since it's sshd the users can see the > entire file system. > > The problem is that the drive mount everyone needs to get to is outside of > their home dir. Is their anyway I can setup chroot through sshd? > > Or is it just a silly pursuit and I should just setup a proper FTPS server? It's doable, however actual implementation depends on how your users are accessing the server. Some of the possible options: You could run chrooted sshd on different port. You could use forced command option if they can only authenticate via RSA keys (which will throw them into jail and than execute either scp or sftp). You could change the login shell so that it throws them into jail, and than executes the real shell. Either of the above will work.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
