Re: Redhat 9 + SFTP
Brought to you by:
xystrus
From: Derek M. <co...@pi...> - 2003-10-15 05:50:19
|
On Tue, Oct 14, 2003 at 02:47:54PM -0500, Aaron Axelsen wrote: > I stumbled accross RSSH and it looked like it could solve all my > issues. We are trying to set up an enviroment with sftp allowing > users to be chrooted to their home account so they cannot go > snooping around other locations on the system. It is possible to do this, but I don't recommend that, at least not exactly. The documentation explains why, so I won't reiterate it here. It is better to create ONE chroot jail for all your users, and then limit users' access to directories based on Unix file permissions. This is almost as good for your purposes, and much more managable. > If i understand correctly, that is one of the features of RSSH. Is > this a fairly simple processes to implement and updated via RPM's? No. Setting up a chroot jail is complicated. The documentation explains how to do it, but the exact steps are system-dependent, so there is not (and never can be) a concise step-by-step procedure to set it up. But if you have ever successfully set up complicated software in the past, you should be able to follow the directions and get it working. > Also, will redhats openssh rpm updates in any way cause problems with rssh > once it is installed and configured? No, updates will not cause problems (unless they are buggy of course). But, when you create a chroot jail, you will need to copy some of the OpenSSH files into the jail. When you update, you will need to copy the new versions of any files you copied before into the jail. Caveat sysadmin... > Thanks in advance for comments. You're welcome! -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D |