Home » Mailing list archives » openbsd-misc » 2010 » March » 19

SSH chroot and ForceCommand

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Bambero
Subject: SSH chroot and ForceCommand
Date: Friday, March 19, 2010 - 7:58 am

I have a liitle problem.

I need a sshd configuration to chroot (internal sftp) every user
excluding admin (which should have a shell access).

So i made:

ChrootDirectory /var/www/users/%u
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no

Match User admin
    ChrootDirectory none
    ForceCommand no

I also tried to set ForceCommand to SSH_ORIGINAL_COMMAND or none or true
or leave emty. Doesn't work.

I also try different configuration:

Match User !admin
	ChrootDirectory /var/www/users/%u
	ForceCommand internal-sftp
	X11Forwarding no
	AllowTcpForwarding no

but it doesnt work too.

I don't want to set special group (ex. sftopnly) for users.
Is there a better way ?

Thanks,
Bambero
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
SSH chroot and ForceCommand, Bambero, (Fri Mar 19, 7:58 am)
Re: SSH chroot and ForceCommand, Dan Harnett, (Fri Mar 19, 11:39 am)