Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: chroot in winscp

See FAQ forum.
spaced

chroot in winscp

hi

WINSCP RULEZ!;)

BUT i have one small problem.
With instructions from ssh.com:
SSH Secure Shell for Servers: User Restrictions
Unix: How do I chroot users so that they cannot get out of their home directory when using sftp?


In SSH Secure Shell 3.2, it is possible to create a chrooted ssh environment even on operating systems like Solaris and HP-UX that do not have static libraries to build static binaries.

IMPORTANT: On AIX required version is SSH Secure Shell 3.2.1

1. Edit the following line in the configuration file /etc/ssh2/sshd2_config:

ChRootUsers user1,user2,user3

If all the users are in the same group, edit the following instead:

ChRootGroups group1,group2,group3

2. Also set the internal sftp-server in sshd2_config:

subsystem-sftp internal://sftp-server

3. Edit the /etc/passwd file so that the user's shell is set to /bin/ssh-dummy-shell. This is a good practice in case the server is accidentally started with a different configuration file and the user is not chrooted to their home directory. However, the ssh-dummy-shell is not needed or used when the user is successfully chrooted.

4. Restart the secure shell server and try to connect with sftp as user1, and verify that the environment is chrooted.

------------------------
I managded to setup sftp chroot for users.
But was not able to login with winscp (i think because of not valid shell - /bin/ssh-dummy-shell)

How can I set up chroot in winscp?

my email: lue @ poczta . onet . pl

regards
zbyszek