Can anyone tell me how to get scponly Jail for SFTP/SSH - The whole server is "open for everyone"

Hi Guys!

Is there anyone who can tell me how to get a secure and locked down SFTP/SSH to user home directory.

I don't want to use FTP (ProFDPd), due to security reasons... every one tells me so anyway.

Started to use SFTP/SSH instead... an even BIGGER security problem because the whole server is open for everyone all the way down to / ohh yes, except for other user homes.

I find Scponly as an shell option, but I don't know how to configure and/or build the jail.

BTW, our box is a Fedora Core 6 and Virtualmin Pro.

Regards, Leif

actually, this would interest me as well. i want to get rid of ftp, yet not allow users to see anything else but their home. i know they potentially can do that via php or cgi scripts or whatever, but still a non-chrooted scponly is like leaving your courtains open and invite people to look around. for this reason i still have ssh disabled and ftp enabled for all users, but really would like to change that in the future. has anyone set up a chrooted scponly successfully on a virtualmin system?

actually, this would interest me as well. i want to get rid of ftp, yet not allow users to see anything else but their home. i know they potentially can do that via php or cgi scripts or whatever, but still a non-chrooted scponly is like leaving your courtains open and invite people to look around. for this reason i still have ssh disabled and ftp enabled for all users, but really would like to change that in the future. has anyone set up a chrooted scponly successfully on a virtualmin system?

moskit's picture
Submitted by moskit on Fri, 03/19/2010 - 10:13 Pro Licensee

I'm interested in too! How to get a secure and locked down SFTP/SSH to user home directory?

i setup FTPES (SSL) with proftpd, altthough for somer eason the clients complain aobut the certificate... but it's a start :P