On Wed, Sep 19, 2018 at 02:59:42PM -0700, Chris Bennett wrote:
> OK, I think I have this right now
>
> Files in /etc/mtree show proper owner:group mode everywhere.
> Files inside of httpd chroot have same as outside.
> Added an sftp chroot directory inside of httpd chroot fo
OK, I think I have this right now
Files in /etc/mtree show proper owner:group mode everywhere.
Files inside of httpd chroot have same as outside.
Added an sftp chroot directory inside of httpd chroot for external user.
Thus they can upload and download, but do the work elsewhere. Nologin.
Right
thanks for the info, the read only would be rw but it's at least worth
looking at even its hackish :-P
But I also figured, since I dont need a shell for these users I can
simply force them in a sftp chroot somewere else but this is something I
have to refine more though
on my testmachine I
On 14 June 2017 at 11:33, Markus Rosjat wrote:
> Hi there,
>
> I want to build an sftp environment where the user is chrooted to his home
> dir. So far so good but then again the user might need access to a webserver
> resource like /var/www/htdocs/some_dir
>
> As far as I
Have a look at the book https://www.michaelwlucas.com/tools/relayd
Chapter 7 addresses this exact scenario
On Wed, Jun 14, 2017 at 3:33 AM, Markus Rosjat wrote:
> Hi there,
>
> I want to build an sftp environment where the user is chrooted to his home
> dir. So far so good
Am 14.06.2017 um 16:31 schrieb Chris M:
Some hosts chroot users into a specific web dir because they have multiple
vhosts on the same server, and they dont want all sftp or ssh users to be
able to browse into other vhosts, even to look around. They might also want
to give developers access to
Some hosts chroot users into a specific web dir because they have multiple
vhosts on the same server, and they dont want all sftp or ssh users to be
able to browse into other vhosts, even to look around. They might also want
to give developers access to specific subdirs without seeing the entire
Markus Rosjat wrote:
> Am 14.06.2017 um 13:42 schrieb Jiri B:
> > On Wed, Jun 14, 2017 at 01:09:47PM +0200, Solne Rapenne wrote:
> >> Je 2017-06-14 13:02, Bryan Harris skribis:
> >>> On Linux I have mounted another fs inside the user's home folder (it
> is
> >>> mounted twice). I don't know if
You could do it like this:
Say you have /www/sites/, make a subdir /files/html, and another for
/html which is a symlink to files/html:
/www/sites/www.somedomain.com
/www/sites/www.somedomain.com/files/html
/www/sites/www.somedomain.com/html -> files/html
Mount /www/sites/www.somedomain.com to
Am 14.06.2017 um 15:53 schrieb Markus Rosjat:
Am 14.06.2017 um 13:42 schrieb Jiri B:
On Wed, Jun 14, 2017 at 01:09:47PM +0200, Solne Rapenne wrote:
Je 2017-06-14 13:02, Bryan Harris skribis:
On Linux I have mounted another fs inside the user's home folder (it is
mounted twice). I don't
Am 14.06.2017 um 13:42 schrieb Jiri B:
On Wed, Jun 14, 2017 at 01:09:47PM +0200, Solne Rapenne wrote:
Je 2017-06-14 13:02, Bryan Harris skribis:
On Linux I have mounted another fs inside the user's home folder (it is
mounted twice). I don't know if OpenBSD has that feature.
This is not
On Wed, Jun 14, 2017 at 01:09:47PM +0200, Solne Rapenne wrote:
> Je 2017-06-14 13:02, Bryan Harris skribis:
> >On Linux I have mounted another fs inside the user's home folder (it is
> >mounted twice). I don't know if OpenBSD has that feature.
> >
>
> This is not possible on OpenBSD, mount will
Je 2017-06-14 13:02, Bryan Harris skribis:
On Linux I have mounted another fs inside the user's home folder (it is
mounted twice). I don't know if OpenBSD has that feature.
This is not possible on OpenBSD, mount will tell "device is busy".
On linux you should use mount --bind to bind a
On Linux I have mounted another fs inside the user's home folder (it is
mounted twice). I don't know if OpenBSD has that feature.
On Wed, Jun 14, 2017 at 6:38 AM, Ville Valkonen
wrote:
> Hi,
>
> one option is to use local nfs mounts. That's what I've done.
>
> --
>
Hi,
one option is to use local nfs mounts. That's what I've done.
--
Regards,
Ville
On Jun 14, 2017 11:34 AM, "Markus Rosjat" wrote:
Hi there,
I want to build an sftp environment where the user is chrooted to his home
dir. So far so good but then again the user might need
Je 2017-06-14 10:33, Markus Rosjat skribis:
Hi there,
I want to build an sftp environment where the user is chrooted to his
home dir. So far so good but then again the user might need access to
a webserver resource like /var/www/htdocs/some_dir
As far as I understand a symlink doesnt work in
Hi there,
I want to build an sftp environment where the user is chrooted to his
home dir. So far so good but then again the user might need access to a
webserver resource like /var/www/htdocs/some_dir
As far as I understand a symlink doesnt work in the chroot setup and Im
not quiet sure how
Hi,
I am using sftp server with a chroot with following lines in sshd configuration
file. The same works for my actual server in 4.4 OpenBSD but I just freshly
installed a 4.7 one and on it the sftp login fails (it works without chroot).
Match group web
ChrootDirectory /var/www/htdocs
On Sun, May 30, 2010 at 05:22:22PM +0200, Jean-Francois wrote:
Hi,
I am using sftp server with a chroot with following lines in sshd
configuration
file. The same works for my actual server in 4.4 OpenBSD but I just freshly
installed a 4.7 one and on it the sftp login fails (it works
Le dimanche 30 mai 2010 17:39:36, Bret S. Lambert a icrit :
On Sun, May 30, 2010 at 05:22:22PM +0200, Jean-Francois wrote:
Hi,
I am using sftp server with a chroot with following lines in sshd
configuration file. The same works for my actual server in 4.4 OpenBSD
but I just freshly
On 2009-02-23, Michael W. Lucas mwlu...@blackhelicopters.org wrote:
On Mon, Feb 23, 2009 at 07:33:23PM +0100, Jean-Francois wrote:
Hello,
If I understand this will chroot any user. Am I correct ?
- Is root chrroted as well ?
Don't scp or SSH in as root. Use a regular account and sudo, or
On Mon, Feb 23, 2009 at 07:33:23PM +0100, jfsimon1...@gmail.com wrote:
If I understand this will chroot any user. Am I correct ?
- Is root chrroted as well ?
- Is it possible to chrrot only some users ?
What man page is not clear?
--
Olivier Cherrier
Dnia poniedziaEek, 23 lutego 2009, Nigel J. Taylor napisaE:
ChrootDirectory %h
Subsystem sftpinternal-sftp
Match group wheel
ChrootDirectory none
Or the other way around.
Subsystem sftp internal-sftp
Match User john paul
ChrootDirectory /chroot/%u
--
Pozdrawiam,
Cezary Morga
Hi Jean-Francois
Attach a little example, hope that helps
The user archivos only have access to /var/www/domains/home/
archivos/public_html
$ cat /etc/ssh/sshd_config
Port 22
Protocol 2
SyslogFacility AUTH
LogLevel INFO
PermitRootLogin no
Subsystem sftp internal-sftp
Match group chrootusers
Hi All,
As far as I understand, the sftp service is always running since it is
the ssh daemon (maybe one can correct me if I'm wrong).
Hence I need to chroot some users to specific directories.
I prefer not to use vsftp at present time if this feature is available
with sftp of OpenBSD.
One can
at present time if this feature is available
with sftp of OpenBSD.
One can help me ?
http://lmgtfy.com/?q=sftp+chroot+openbsd
See sshd_config(5) and search for ChrootDirectory.
Floor
On Feb 23, 2009 6:24 PM, Jean-Francois jfsimon1...@gmail.com wrote:
Hi All,
As far as I understand, the sftp service is always running since it is
the ssh daemon (maybe one can correct me if I'm wrong).
Hence I need to chroot some users
Hello,
If I understand this will chroot any user. Am I correct ?
- Is root chrroted as well ?
- Is it possible to chrrot only some users ?
I am afraid that is I do this then all users will be chrooted and I
won't be able to turn this back since I will not have access to /etc.
Line to be changed
can correct me if I'm wrong).
Hence I need to chroot some users to specific directories.
I prefer not to use vsftp at present time if this feature is available
with sftp of OpenBSD.
One can help me ?
http://lmgtfy.com/?q=sftp+chroot+openbsd
--
/\ASCII Ribbon Campaign
On Mon, Feb 23, 2009 at 07:33:23PM +0100, Jean-Francois wrote:
Hello,
If I understand this will chroot any user. Am I correct ?
- Is root chrroted as well ?
Don't scp or SSH in as root. Use a regular account and sudo, or at
least the root password.
- Is it possible to chrrot only some
On Mon, Feb 23, 2009 at 04:21:01PM -0500, Michael W. Lucas wrote:
On Mon, Feb 23, 2009 at 07:33:23PM +0100, Jean-Francois wrote:
- Is it possible to chrrot only some users ?
I don't believe so. You could look at scponly, it can chroot users.
It's an add-on shell, not in ports, has not been
Hi,
You might try a looking at Match in the sshd_config man pages, ChrootDirectory.
Something like this in sshd_config, home directories must be root owned if
chrooted. This is in Openssh v5.1, not sure when it was introduced.
ChrootDirectory %h
Subsystem sftpinternal-sftp
Match
On Mon, 23 Feb 2009 14:17:57 -0600
patric conant mirage.comput...@gmail.com wrote:
That was the funniest thing I have ever seen.
Funny, at least. :)
--
Maxime DERCHE
GnuPG public key ID : 0x9A85C4C0
(fingerprint : 0FDC 16AF 5A5B 1908 786C 2B85 2D3C C83E 9A85 C4C0)
Hi,
yes it's possible to chroot only some useee,
see match user in sshd_config
Le Mon, 23 Feb 2009 19:33:23 +0100,
Jean-Francois jfsimon1...@gmail.com a C)crit :
Hello,
If I understand this will chroot any user. Am I correct ?
- Is root chrroted as well ?
- Is it possible to chrrot only
On Mon, Feb 23, 2009 at 05:20:17PM -0500, Mike Erdely wrote:
On Mon, Feb 23, 2009 at 04:21:01PM -0500, Michael W. Lucas wrote:
On Mon, Feb 23, 2009 at 07:33:23PM +0100, Jean-Francois wrote:
- Is it possible to chrrot only some users ?
I don't believe so. You could look at scponly, it
Hi all,
I've been googling around for a couple of days now, and there is little
consensus on how to solve the 'sftp no shell access' problem. I've
found references to people that are using patched versions of OpenSSH (a
solution I think begs for problems to occur) to facilitate chroot-ing
users
36 matches
Mail list logo