SFTP/SCP only and chroot

Asked Dec 08 '14 at 10:16

Active Dec 08 '14 at 16:23

Viewed 95 times

We have a SFTP Server and a bunch of users. The users share files over the SFTP Server with us (not the best solution, I know).

Every user is chrooted into a different directory to prevent them from cd to a higher directory and seeing the other users (Folders are named after users). another requirement is, that only SCP(/SFTP) is allowed - so no shell. We also want certificates for authentication.

Until now we used scponly to meet all the requirements. But scponly is deprecated now so we can't use it anymore and need an alternative. Some Googling brought SFTP chroot and rssh to daylight but neither seem to meet all specifications.

EDIT: We are using SLES 12

edited Dec 08 '14 at 16:23

jw013

51,212

asked Dec 08 '14 at 10:16

globus243

Does this ServerFault article help? – garethTheRed Dec 08 '14 at 10:43
nice tip, but we need to block SSH Shell access. – globus243 Dec 08 '14 at 10:52
See http://unix.stackexchange.com/a/64541 – Stéphane Chazelas Dec 08 '14 at 11:17
The part that sets their shell to /bin/false stops that for you. You could also consider the no-pty option in authorized_keys. – garethTheRed Dec 08 '14 at 11:25

SFTP/SCP only and chroot

0 Answers0