[CentOS] Chrooting SFTP over SSH2

Wed Sep 5 16:08:59 UTC 2007
Johnn Tan <linuxweb at gmail.com>

Nigel Kendrick wrote:
> As per the subject line - if I look up setting up chroot jails for SFTP over
> SSH2 I'm led to various Web sites and patches and also to a CentOS wiki page
> dated 2005, but what's the 'best' or 'correct' way to set this up for Centos
> 4.5 and 5?

Yeah, it's going to be a patch/hack until chroot is native 
to openssh which might never happen.

rssh and scponly are the two to look at (I use rssh).

If sftp is not a requirement, you should really look into 
ftp/tls aka ftps. You can use vsftpd and it natively does 
chroot and even virtual users. A simple config change to do 
tls and you get certificate-based security.

Also, nearly every Windows & Mac gui ftp client supports 
ftps for free or in their "basic" version (some clients 
require "pro" versions to get sftp capability).