Hello, I searched a while to find out, if there is an sftp-server implementation which provides an option similar to the defaultroot of proftpd. A typical use would be: DefaultRoot = ~ The option does the follwing: Once the use logs in, it determines the home directory of the user .ie /home/u1234 and takes this as the users root. The user cannot escape that root (he can not look at /tmp for example). Each file within his home directory is presented without the home directory prefix (for example: /index.html instead of /home/u1234/index.html). This is very different from the chroot options, because there is no need to have all the libraries and executables within the users home directory. The projects that I found look very strange and not good maintained. Interestingly they are based on the sftp-server of ssh. Why doesn't the openssh sftp-server include this? Are there plans to do it? Are there certain reasons not to include? Regards Marten
On Mon, May 21, 2007 at 07:36:17PM +0200, Marten Lehmann wrote:> Why doesn't the openssh sftp-server include this? Are there plans > to do it? Are there certain reasons not to include?This functionality needs to be in the shell, since the user's shell is always used by sshd to execute whatever program is requested. (Interactive, single command or subsystem.) See e.g. rssh //Peter