On 9/19/06, Francois Visconte <[EMAIL PROTECTED]> wrote:
Lukasz Sztachanski wrote:
>On Mon, Sep 18, 2006 at 03:23:37PM +0200, Bambero wrote:
>
>
>>Hello
>>
>>Is there any good way to setup chrooted sftp-server without shell access ?
>>
>>I tried scponly but it's not secure enough (I heard), there is no port
>>for openbsd,
>>and I had problems to set it up.
>>
>>Second way is rssh, but compilation fails becouse of worexp.
>>
>>Now I'm using ftpd but I want to change it becouse of text/plain passwords.
>>
>>Any suggestions ?
>>
>>
>>
>use stsh[1]; if you want to simplify rulesets, you can just change
>the code to inherit policy(-i). All my users have chrooted shell/sftp
>accounts - no problems so far :)
>
>
I think it's the best way too.
One detail : your users are chrooted AND systraced or they have just
filesystem access
limitation thanks to systrace ?
Now I'm using chrooted ftpd. I need to chroot users to
/var/www/users/user to have filesystem access. No systrace limitation.
