Glenn Cogle wrote, On 01/03/10 17:27:
I want to chroot my sftp users to their respective home directories, but
apparently this isn't the default behaviour.
My server is debian 3.1, openssh 3.8.1p1 & vsftpd 2.0.3 - not exactly
cutting edge, but it works.
...
Interested in comments from those who have been here.......
I've not done this myself, but at the glacial speed of debian releases
your 3.1 / sarge install dates from 2005 and probably hasn't had a
security update since 2007.
Try a
dpkg -S openssh-blacklist
and see if you're still vulnerable to that.
Lenny is 5.0 and is classed as stable.
I recommend you edit /etc/apt/sources.list and change sarge to "stable"
then do a full
apt-get update && apt-get dist-upgrade
Or possibly its time for new hardware.... the box has to be fairly old
now. To build on a newer box will be better than trying to rebuild the
existing one.
After that, all the updated versions should work much better.
vsftp is 2.2.2-3
openssh is 1:5.3p1-1
--
Craig Falconer