Hi all, I've been googling around for a couple of days now, and there is little consensus on how to solve the 'sftp & no shell access' problem. I've found references to people that are using patched versions of OpenSSH (a solution I think begs for problems to occur) to facilitate chroot-ing users at login, restricted shells (to prevent users doing certain things like changing directories etc), and chrooting a user to their home dir using a chroot-ed shell.
The most straight forward solution seems to be offered by this link : http://turquoise.thing.dk/#create_chroot_home However I'm still a little concerned that I don't necessarily have the "right" solution to this problem. So here's the problem (I have trawled the misc@ list archives and recognise people have put forward this problem before, but I haven't seen a definite solution appear - or at least not one I feel happy with). I want to be able to provide sftp access to users, these users are not anonymous - they will have accounts that I create for them. However I don't want them to be able to get outside their home dirs (as with chroot-ed ftp), and I don't want them to have 'shells' (ie. I don't want them to be able to log in over ssh, or if they must, they must be chroot-ed to their home dir). Cheers for any help, Dave