Some hosts chroot users into a specific web dir because they have multiple vhosts on the same server, and they dont want all sftp or ssh users to be able to browse into other vhosts, even to look around. They might also want to give developers access to specific subdirs without seeing the entire vhost root.
On Wed, Jun 14, 2017 at 9:22 AM Predrag Punosevac <punoseva...@gmail.com> wrote: > Markus Rosjat wrote: > > > Am 14.06.2017 um 13:42 schrieb Jiri B: > > > On Wed, Jun 14, 2017 at 01:09:47PM +0200, Solne Rapenne wrote: > > >> Je 2017-06-14 13:02, Bryan Harris skribis: > > >>> On Linux I have mounted another fs inside the user's home folder (it > > is > > >>> mounted twice). I don't know if OpenBSD has that feature. > > >>> > > >> > > >> This is not possible on OpenBSD, mount will tell "device is busy". > > >> > > >> On linux you should use mount --bind to bind a folder on another > > instead > > >> of mounting twice the mountpoint. FreeBSD has mount_nullfs to do > > exactly > > >> the same thing as --bind, but OpenBSD doesn't have any of this. > > > > > > Do you build a shell server or you just want to give SFTP access > > > to users' web data? > > > > > > If the latter, why don't you just chroot them directly into their > > > user dir inside web root? Or, just define their home to be inside > > > web chroot... > > > > > > j. > > > > > > > like I stated bevor I know I can simply give them there webcontent > > folder as home and chroot this for sftp but then again how to handle the > > > > I am with Jiri on this one. You completely lost me. What problem are you > trying to solve? > > I am running SFTP-only chroot file exchange server where a very small > group of users have the access to the same chroot without full shell > access for the purpose of sharing/exchanging data. > > I could imagine situation in which it is desirable to give users > chrooted SFTP-only access to their web data. It seems to me that one > could create virtual host per user and give them sftp-only access to the > root directory of their virtual server. > > Somebody help me. What would be other good use case scenarios for > chrooted sftp-only user access? > > Best, > Predrag > > > > > > .ssh or other . folders and files? I read somthing about placing it > > outside the home dir and define the location over sshd_config but not > > sure if this is proper solution. > > -- There's no place like 127.0.0.1
