On Sat, Feb 11, 2017 at 2:40 PM, Jonathan Pauli <jonathan@xxxxxxxxxxxxxx> wrote: > I think for this I might try running sftp in a container instead of chroot. > > I might then add some feature flags around the commands I don't like and compile a custom version of it. Of course, auditors hate me, but so it goes. A container is a good move for this. And be sure, to take advantage of the limited chroot features for sftp, that you need *sftp* and not *scp*, *ssh*, *rsync*, or others. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev