HPE Community
Operating System - Linux
1833173 Members
3038 Online
110051 Solutions
New Discussion

Re: chroot - sftp - RedHat ES4

 
Jeff Hoevenaar
Frequent Advisor

‎09-07-2005 01:16 AM

‎09-07-2005 01:16 AM

chroot - sftp - RedHat ES4

I am trying to create a chroot environment for users using sftp.

I have found many different examples on how to set this up but none of them seem to work. I also found /etc/security/chroot.conf but no documentation on it.

Has anyone done this and got it to work.

Thanks!
0 Kudos
7 REPLIES 7
Jeff Hoevenaar
Frequent Advisor

‎09-07-2005 01:58 AM

‎09-07-2005 01:58 AM

Re: chroot - sftp - RedHat ES4

One more thing - how can a limit which users are allowed to sftp to my server?
0 Kudos
Gopi Sekar
Honored Contributor

‎09-07-2005 02:14 AM

‎09-07-2005 02:14 AM

Re: chroot - sftp - RedHat ES4


For your second requirement:

Check for 'AllowUsers' and 'DenyUsers' configuration parameters for /etc/ssh/sshd.config file

for more information on this 'man sshd_config'

I don't know much about how to do the first requirement

Regards,
Gopi
Never Never Never Giveup
0 Kudos
Ivan Ferreira
Honored Contributor

‎09-07-2005 07:30 AM

‎09-07-2005 07:30 AM

Re: chroot - sftp - RedHat ES4

For using sshd with chroot, you will need a patch. See:

http://chrootssh.sourceforge.net/index.php

I don't know if you can selectively enable chroot for sftp only, not for ssh, or viceversa.

What I know is that the vsftpd has chroot capabilities and works very well. Also, you can secure the comunication of the vsftpd server using SSL/TLS.

Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Jeff Hoevenaar
Frequent Advisor

‎09-07-2005 07:47 AM

‎09-07-2005 07:47 AM

Re: chroot - sftp - RedHat ES4

I got this to work by modifying /etc/pamd/ssh and /etc/security/chroot.conf and /etc/ssh/sshd_config.

http://www.tokkee.de/howtos/chrooted_ssh_howto.pdf
0 Kudos
Julien Mioni
Occasional Advisor

‎09-08-2005 06:03 AM

‎09-08-2005 06:03 AM

Re: chroot - sftp - RedHat ES4

I made it work on a Fedora Core 3 using this howto :
http://gentoo-wiki.com/HOWTO_SFTP_Server_(chrooted,_without_shell)

But users can always use the "!command" to send shell commands. Do somebody know how to remove this option ?

julien
0 Kudos
Julien Mioni
Occasional Advisor

‎09-08-2005 06:05 AM

‎09-08-2005 06:05 AM

Re: chroot - sftp - RedHat ES4

PS : I'll try your howto tomorrow Jeff
Julien
0 Kudos
Jeff Hoevenaar
Frequent Advisor

‎09-13-2005 03:14 AM

‎09-13-2005 03:14 AM

Re: chroot - sftp - RedHat ES4

.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.