There were indeed multiple nics on the machine I did this with. The "outside" interface was the vm guest. It served the purpose and provided another layer between us and them. Regards, Marshall >-----Original Message----- >From: redhat-list-bounces@xxxxxxxxxx >[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Johan Booysen >Sent: Friday, June 15, 2007 8:26 AM >To: General Red Hat Linux discussion list >Subject: RE: Chrooted sftp on rhel3 > >Hi, > >If you wanted to make that virtual sftp server available to external >users, and put it into a dmz - can you do that without having >to put the >physical machine into the dmz? Just a thought that occurred to me, now >that you mentioned it. > >I suppose you could if you have a second network adapter... > >Do you actually do this? > >Thanks. > >-----Original Message----- >From: redhat-list-bounces@xxxxxxxxxx >[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of >McDougall, Marshall >(FSH) >Sent: 15 June 2007 13:50 >To: General Red Hat Linux discussion list >Subject: RE: Chrooted sftp on rhel3 > >>Any ideas on how to restrict access so ftp users are locked >into their >>own home directories - if that is even possible? It doesn't >seem like >>much of an issue to me, but I'd appreciate your thoughts. >> >>Thanks very much. >> >>Johan > >Johan. I looked at doing this a while back and was quite unsuccessful >with the jail. I ended up using VMware server and created a vm guest >specifically for SFTP/SCP users. If they trashed it, I would just >restore from image. > >Regards, Marshall > >-- > >redhat-list mailing list >unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe >https://www.redhat.com/mailman/listinfo/redhat-list > >-- >redhat-list mailing list >unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe >https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
