Hello Folks, I'm trying to replace an FTP with several hundred users with something secure. My requirements: - transfers must be logged - users should not have any access to other users' directories - users should land in a writable directory - users should be chrooted I've been trying to get this working with OpenSSH and the internal SFTP server, but it does not seem possible.... If I chroot each user using "ChrootDirectory /home/%u", there are two problems: 1) the user lands in a directory to which he cannot write 2) I would need hundreds of syslog logging sockets, one in each user's chrooted environment if I chroot all users to the same top directory, for example "/home", which would solve the problem of avoiding hundreds of syslog logging sockets, I have found no method of having OpenSSH chdir into a user-specific subdirectory (I would be willing to rely on the standard UNIX security model to restrict users' access to their own directories). Have I missed something, or is what I'm trying to achieve simply not possible using OpenSSH? I do not really want to get into bind-mounting all sorts of crap from outside the chroot envonment to get stuff to work, particularly not for hundreds of users. If "sftp-server" solve the problem in conjunction with a single chroot top directory, I would be willing to bind-mount (or copy) what it needs, but I have not found any way of getting sftp-server to satisfy the above requirements. The platform is CentOS 6.5 (x86_64). "ssh -V" reports: OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 cheers, Rob _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev