If you want a nice message, I suggest creating a class in /etc/logins.conf which point to a /etc/issues.sftponly file where the user gets a nice message, which you deem appropriate.
Secondly, as far as chroot, I don't believe OpenSSH supports chroot natively, however I know there is a patch floating around (I believe in the contrib/ directory of the openssh portable tarball) which will patch openssh to support chroot'd environments. You will need to recompile the openssh portable distribution, however.
Rob Lahaye wrote:
Raymond Sundland wrote:
Rob,
You can try setting the user's shell to /usr/libexec/sftp-server (or wherever the sftp-server binary exists under FreeBSD).
This will give the user ability to SFTP into the box, but without a normal shell. /usr/lib/exec/sftp-server should be added to /etc/shells, too.
Almost works ;). Doing what you suggest, I can sftp to the account, but when I do ssh to that account, I get the regular login message but no prompt. Something seems to hang. When I type something and hit return, I get:
bad message Connection to foo.bar.com closed. $
It somehow blocks ssh login indeed, but it's not very nice!
BTW will sftp also work with the /etc/chroot file?
Thanks, Rob.
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
