Topic "chroot in winscp"

Author Message
spaced

Guest


hi

WINSCP RULEZ!Wink

BUT i have one small problem.
With instructions from ssh.com:
SSH Secure Shell for Servers: User Restrictions
Unix: How do I chroot users so that they cannot get out of their home directory when using sftp?


In SSH Secure Shell 3.2, it is possible to create a chrooted ssh environment even on operating systems like Solaris and HP-UX that do not have static libraries to build static binaries.

IMPORTANT: On AIX required version is SSH Secure Shell 3.2.1

1. Edit the following line in the configuration file /etc/ssh2/sshd2_config:

ChRootUsers user1,user2,user3

If all the users are in the same group, edit the following instead:

ChRootGroups group1,group2,group3

2. Also set the internal sftp-server in sshd2_config:

subsystem-sftp internal://sftp-server

3. Edit the /etc/passwd file so that the user's shell is set to /bin/ssh-dummy-shell. This is a good practice in case the server is accidentally started with a different configuration file and the user is not chrooted to their home directory. However, the ssh-dummy-shell is not needed or used when the user is successfully chrooted.

4. Restart the secure shell server and try to connect with sftp as user1, and verify that the environment is chrooted.

------------------------
I managded to setup sftp chroot for users.
But was not able to login with winscp (i think because of not valid shell - /bin/ssh-dummy-shell)

How can I set up chroot in winscp?

my email: lue @ poczta . onet . pl

regards
zbyszek
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24530
Location: Prague, Czechia
See FAQ forum.
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License