Eugene Apolinary wrote: > I want to make an sftp server.... > > - Only an sftp server > - Some users may log in by ssh (with openssh-server), some users can only > use sftp - Important! - Chroot! Users using sftp must only see e.g.: their > home directory, or better: a folder in it. - Under Debian Lenny > > Is there any good, secure solution? At least links to howtos? :S
Have a look at the keyword ChrootDirectory in man sshd_config. On my server, I have two groups for users: sshusers and sftpusers. In my /etc/ssh/sshd_config file, I have only: [...] Subsystem sftp internal-sftp AllowGroups sshusers sftpusers # Chroot for sftp users Match Group sftpusers ChrootDirectory /home/sftp X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp [...] See also: http://www.debian-administration.org/articles/590 Xavier -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org