[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Sam Grabham wrote: > Hi > > I have a client that wishes to use sftp over a trusted key ssh connection. > > The problem is that if they use something like winscp, they can browse > around the file structure and view file content. There is a sshd patch around (may be its included now with sshd) that allows exactly this, it logs the user into a chroot after the sshd authentication, this sounds along the right lines :- http://www.debian-administration.org/articles/590 I think the biggest drawback with this is that its not necessary that hard to break out of a jail if you have shell access from ssh and that should then be considered the weakest link. Robin
Attachment:
signature.asc
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html