On Tue, Mar 1, 2011 at 9:20 AM, Eero Volotinen <eero.volotinen at iki.fi> wrote: > 2011/3/1 Stephen Harris <lists at spuddy.org>: >> On Tue, Mar 01, 2011 at 07:53:21AM -0500, Nico Kadel-Garcia wrote: >>> No, sftp is actually supported, somewhat, in OpenSSH 5 for this to >>> work well, which is not in CentOS 5, and integrating it to CentOS 5 is >>> problematic. It's also awkward to maintain, the chroot cages require >>> the relevant binaries nad libraries in each user's chroot cage. (I >>> used to publish the software changes for this, years back under SunOS >>> and RedHat 5.2, not RHEL 5.2). >> >> OpenSSH5 requires nothing inside the jail area for chroot sftp; that's >> why it's "sftp-internal". >> > > Is it possible to only chroot some users, not all. They got that ***working***? I thought Theo had sworn that chroot cages would never be supported this way, as a "fundamentally wrong" approach!