Lukasz Sztachanski wrote:
On Mon, Sep 18, 2006 at 03:23:37PM +0200, Bambero wrote:
Hello
Is there any good way to setup chrooted sftp-server without shell access ?
I tried scponly but it's not secure enough (I heard), there is no port
for openbsd,
and I had problems to set it up.
Second way is rssh, but compilation fails becouse of worexp.
Now I'm using ftpd but I want to change it becouse of text/plain passwords.
Any suggestions ?
use stsh[1]; if you want to simplify rulesets, you can just change
the code to inherit policy(-i). All my users have chrooted shell/sftp
accounts - no problems so far :)
I think it's the best way too.
One detail : your users are chrooted AND systraced or they have just
filesystem access
limitation thanks to systrace ?
- Lukasz Sztachanski
[1] http://monkey.org/~dugsong/openbsd/stsh-1.1.tar.gz
Frangois Visconte
