Looking for a secure ftp sw
Ed Wilts
ewilts at ewilts.org
Mon Mar 14 18:53:16 UTC 2005
On Mon, Mar 14, 2005 at 06:20:05AM -0800, Eucke wrote:
> Ed, doesn't placing FTP users in a chroot jail make this impossible as
> well as allowing no FTP access by priviledged users? Or is that not
> possible with sftp as it's basically ssh?
FTP servers chroot very well - we've been doing that on wu-ftpd and
ProFTPd for a long time.
sftp, however, is ssh - not ftp. Red Hat doesn't offer a chroot ssh
environment and it's not a priority for the openssh project. There are
patches that you can apply but then you're on your own for openssh
support.
I've looked at cPanel - they offer a jailshell environment - but it's
an "all or nothing" approach. You can't just install jailshell.
I've started to go over the docs for jailkit and it looks promising.
The url for that is http://olivier.sessink.nl/jailkit/
I'm also looking at scponly and it looks promising too:
http://www.sublimation.org/scponly/
http://www.sancho2k.net/filemgmt_data/files/scponly.html
I've done a bit of limited testing with scponly and so far it does the
job.
--
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program
More information about the redhat-list
mailing list