I'm staring at this thread, and all of this complexity, and trying to figure out "why are you hurting yourself doing this"? In the amount of time burned trying to integrate hundreds of NFS mounts and chroot cage configurations, you could have "vsftpd" to support FTPS rather than SFTP, gotten clean isolated upload and download cages without having to embed /dev/log in the chroot cages, enabled much simpler and stable automounting, and spent the rest of the time on the lobbying effort necessary to convince your user community to switch to FTPS enabled clients. Unless you have some compelling need for SSH key based access, why are you spending these cycles on this work? _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev