Hi,
I'm setting up a 'chrooted' SFTP only set of users:
/etc/make.conf:
.if ${.CURDIR:M*/usr/ports/security/openssh-portable*}
WITH_SUID_SSH =yes
WITH_OPENSSH_CHROOT =yes
WITH_HPN =yes
WITH_OVERWRITE_BASE =yes
.endif
/etc/rc.conf:
sshd_enable="NO"
openssh_enable="YES"
/etc/passwd:
user:*:3000:3000::0:0:F L:/foo/./user:/bin/sh
Access will be with ssh dsa keys only.
What is the best way to make this SFTP only and not SSH?
1).ssh/authorization?
2) change user's shell to /usr/local/libexec/sftp-server
3) change user's shell to a custom C wrapper around [2]
4) a combination of them
--
------------------------------------------------------------------------
Philip M. Gollucci ([EMAIL PROTECTED])
o:703.549.2050x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF
Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
