13 Mar
2008
13 Mar
'08
6:06 p.m.
On Thu, 13 Mar 2008, John Stoffel wrote:
Aaron> On a slight tangent: Do you have a specific need for ftp? I'd Aaron> suggest looking into using sftp instead (the s stands for Aaron> secure). It's available as part of openssh.
The problem with sftp is that it doesn't offer chroot() style jails for ftp users and accounts. This can be worked around using the scponly hack which is out on the net.
Now maybe I'm a little out of date, I'd love to know that more recent versions of OpenSSH support chroot'd sftp jails.
Actually, there is recent development on that front: http://undeadly.org/cgi?action=article&sid=20080220110039 I don't believe it's part of any release of OpenSSH yet, but presumably soon. Brian J. Conway