I'm running OpenSSH_7.4p1 (CentOS7) and have been asked to build a sort of "drop box" to allow clients read-only access from a certain directory. Right now, I've implemented this with the following lines in /etc/ssh/sshd_config:

    Subsystem sftp internal-sftp

    Match User update_user
        ChrootDirectory /opt/dropbox
        ForceCommand internal-sftp -d / -R

This is mostly working; it's allowing read-only access and restricting the connecting user to the /opt/dropbox directory.

I am concerned about the following note in the man page:

    "For file transfer sessions using 'sftp', no additional configuration of the environment is necessary if the in-process sftp server is used, *though sessions which use logging do require /dev/log inside the chroot directory*"

As I haven't created a /dev/log socket in the directory, I am concerned that there is logging information I will wish I had.

Looking at the -p and -P options, I wonder if there isn't a more fine-grained approach possible, to perhaps whitelist only the commands necessary for two operations: to list the contents of the current directory and retrieve the files. My attempts so far to restrict opendir, lstat, read, readdir, realpath, etc. haven't been successful. For example, restricting "opendir" gives an error that the client can't get the CWD and the session fails.

Any pointers?

-Cheers,
Travis
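Added example, not part of the original message and not a reply from the list: one way to set up the configuration asked about above, with sftp logging enabled through a syslog socket inside the chroot and a request whitelist for list-and-download only. It assumes rsyslog with the imuxsock module loaded is the local syslog daemon; the rsyslog file name and the exact request list are assumptions to check against your own clients.

```conf
# --- /etc/ssh/sshd_config (fragment) ---
Subsystem sftp internal-sftp

Match User update_user
    ChrootDirectory /opt/dropbox
    # -d /  start directory inside the chroot
    # -R    read-only: requests that would modify files are refused
    # -f    syslog facility, -l log level for the in-process sftp server
    # -p    allow only the listed requests. Assumed minimal set for
    #       "list a directory" and "download a file"; the valid names are
    #       printed by "sftp-server -Q requests". realpath is needed for
    #       the client to resolve its working directory at session start.
    ForceCommand internal-sftp -d / -R -f AUTHPRIV -l INFO -p realpath,opendir,readdir,close,lstat,stat,fstat,open,read

# --- /etc/rsyslog.d/sftp-dropbox.conf (hypothetical file name) ---
# Additional syslog socket inside the chroot, so that the chrooted
# internal-sftp process can reach the syslog daemon at /dev/log.
# /opt/dropbox/dev must already exist, owned by root and not writable
# by the sftp user, before rsyslog is restarted.
input(type="imuxsock" Socket="/opt/dropbox/dev/log")
```

Validate the sshd side with "sshd -t" before reloading. Where -p and -P are both given, a request named in -P stays refused even if -p lists it.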