On Mon, Mar 20, 2006 at 05:35:31PM +0100, Michael Schmidt wrote: > Hello, > > OpenBSD version 3.8 > Architecture i386 > > After having read several man pages and faqs I have found nothing > describing sftp jailed by chroot and scp jailed by chroot. > I am looking for both sftp and scp configurations where client users are > forced into chroot jails from where they cannot escape from and cannot > break. > > I cannot imagine that this is not possible. > May be I missed something? > Or would you please be so nice to post any helpful hints? > > Have a nice day > Michael > > -- > Michael Schmidt MIRRORS: > DJGPP ftp://ftp.fh-koblenz.de/pub/DJGPP/ > Ghostscript ftp://ftp.fh-koblenz.de/pub/Ghostscript/ > >
Look at scponly. However, do not enable additional stuff, espcially the rsync has gaping holes if my last look into the code was correct. scponly uses a blacklist to prevent bad guys passing dangerous arguments to them, a thing wich obviously doesn't work very well. But it's the best you can get if you need this kind of functionality. Tobias
