search for: ftpfuck

...securely isolate user without disabling writing to home directory! I've implemented it as PoC pam_module (not very secure at this moment), but i hope it can make it's way directly into OpenSSH. I'll tell you more, but here is the source if you wish anyway: https://github.com/Harvie/pam-ftpfuck/blob/master/src/mypam.c So how it works? It bind-mounts home directory of user into subdirectory of root-owned directory created especially for this user... so we're no longer chrooting into /home/user/ (which can be now owned by root) we'll rather chroot into /var/ssh-chroot/user/ (whic...