Submitted by Blueforce on Sun, 06/07/2009 - 06:55 Pro Licensee
Hi Guys!
Is there anyone who can tell me how to get a secure and locked down SFTP/SSH to user home directory.
I don't want to use FTP (ProFDPd), due to security reasons... every one tells me so anyway.
Started to use SFTP/SSH instead... an even BIGGER security problem because the whole server is open for everyone all the way down to / ohh yes, except for other user homes.
I find Scponly as an shell option, but I don't know how to configure and/or build the jail.
BTW, our box is a Fedora Core 6 and Virtualmin Pro.
Regards, Leif
Submitted by Hal9000 on Tue, 11/03/2009 - 03:46 Permalink
actually, this would interest me as well. i want to get rid of ftp, yet not allow users to see anything else but their home. i know they potentially can do that via php or cgi scripts or whatever, but still a non-chrooted scponly is like leaving your courtains open and invite people to look around. for this reason i still have ssh disabled and ftp enabled for all users, but really would like to change that in the future. has anyone set up a chrooted scponly successfully on a virtualmin system?
Submitted by Hal9000 on Tue, 11/03/2009 - 03:47 Permalink
actually, this would interest me as well. i want to get rid of ftp, yet not allow users to see anything else but their home. i know they potentially can do that via php or cgi scripts or whatever, but still a non-chrooted scponly is like leaving your courtains open and invite people to look around. for this reason i still have ssh disabled and ftp enabled for all users, but really would like to change that in the future. has anyone set up a chrooted scponly successfully on a virtualmin system?
I'm interested in too! How to get a secure and locked down SFTP/SSH to user home directory?
Submitted by Hal9000 on Fri, 03/19/2010 - 10:27 Permalink
i setup FTPES (SSL) with proftpd, altthough for somer eason the clients complain aobut the certificate... but it's a start :P