On Tue, Mar 01, 2011 at 08:16:52PM -0500, Nico Kadel-Garcia wrote:
2011/3/1 Stephen Harris lists@spuddy.org:
OpenSSH5 requires nothing inside the jail area for chroot sftp; that's why it's "sftp-internal".
They got that ***working***? I thought Theo had sworn that chroot cages would never be supported this way, as a "fundamentally wrong" approach!
I've no idea of OpenBSDs SSH supports it, but OpenSSH portable does, and it works well as a way of providing *sftp only* locked down areas.
(chroot for shell access probably works as well, but not recommended for all the historical reasons - copies it various /lib files, /dev etc etc)