Thanks, Ed. Maybe I'll just have to be happy with the rssh solution. It's not perfect, but it's better than nothing. Regards, Marshall -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Ed Wilts Sent: Thursday, December 08, 2005 12:36 PM To: General Red Hat Linux discussion list Subject: Re: Limiting system and filesystem access On Thu, Dec 08, 2005 at 11:19:46AM -0600, McDougall, Marshall (FSH) wrote: > I apologize if this is too OT. It's absolutely on topic. > So my burning question is: How do I give this user sftp access only to > a very limited area of my system? Any assistance appreciated. There is no supported and secure method of chroot'ing a user using openssh. Sadly enough, any number of open source FTP servers will gladly do this for you making FTP *more* secure than SFTP for this type of application. This is especially true if you can make ftp/tls work for you. What we're doing is buying the Tectia SSH server for our external-facing servers. It's commercial but will give us secure chroot'ed access to the file systems for our external customers. .../Ed -- Ed Wilts, RHCE Mounds View, MN, USA mailto:ewilts@xxxxxxxxxx Member #1, Red Hat Community Ambassador Program -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
