On Tue, Mar 01, 2011 at 08:16:52PM -0500, Nico Kadel-Garcia wrote: > > 2011/3/1 Stephen Harris <lists at spuddy.org>: > >> OpenSSH5 requires nothing inside the jail area for chroot sftp; that's > >> why it's "sftp-internal". > They got that ***working***? I thought Theo had sworn that chroot > cages would never be supported this way, as a "fundamentally wrong" > approach! I've no idea of OpenBSDs SSH supports it, but OpenSSH portable does, and it works well as a way of providing *sftp only* locked down areas. (chroot for shell access probably works as well, but not recommended for all the historical reasons - copies it various /lib files, /dev etc etc) -- rgds Stephen