Topic: sftp ?

[damjan]

I need to lock users on their home directories or ibays and allow them to exchange files only via sftp.


I tried :
ftp chroot from dungog.org - works fine.  But this solution works in non-secure environment.
User shell - wors fine too (secure), but with this option user can walk through / tree

What I'm looking is the combination of mentioned solutions .

Maybe rssh is the answer, but I'm not able to get it work on SME.

Thank you
Damjan

[Stephen Noble]

>ftp chroot from dungog.org - works fine.
>But this solution works in non-secure environment.

if you have a secure ftp client it's secure
problem being there aren't any free sftp clients that i can see ...

don't give them shell access, you can't keep them in their home directory
and it's unneccesary to transfer files

stephen noble

[Michiel]

> if you have a secure ftp client it's secure
> problem being there aren't any free sftp clients that i can
> see ...

What's wrong with putty? It comes with psftp, a free sftp client:
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

[damjan]

Stephen and Michiel,

Thank you both for your replay.

If I chroot users in their home directories of ibays, the usernames and passwords are then send to ftp (21) in non encrypted mode.
Please correct me if I'm wrong.

But if I gave them shell access users are then  able to communicate via 22 port with encrypted mode but gain access to move to the all tree.
(i tried WinSCP, winscp.sourceforge.net based on putty).

Solution will be if I could limit users to their home directories/ibays when working on port 22.

br
Damjan

[stephen noble]

your correct, your first post stands
sftp, scp or winscp will use ssh port 22 and isn't chrooted

[boris]

< http://www.sublimation.org/scponly/ >

[boris]

or is it
> http://www.sublimation.org/scponly/ < ?