Anybody can to suggest to me a ftp software like proftpd or
wu-ftpd (ftp with chroot for users) implemented with tunneling under SSH.
Thanks in advance. Hugo.
From: Timothy Carey
After doing a little more research, I answered my own question. For
those interested, here's how to do it:
1) Download and install ssh from ssh.com with the following option
./configure --enable-static
make ; make install.. blah blah
2)cd into the account you want to be chrooted and do the following:
> mkdir bin
> cd bin
> cp /usr/local/bin/ssh-dummy-shell.static .
> cp /usr/local/bin/sftp-server2.static .
> ln -s ssh-dummy-shell.static ssh-dummy-shell
> ln -s sftp-server2.static sftp-server
3) Configure sshd2_config by adding the following line:
ChRootUsers user1,user2
-or-
ChRootGroups group1,group2
4) Change the chrooted users shell to /bin/ssh-dummy-shell in
/etc/passwd (NO.. not /usr/local/bin/ssh-dummy-shell.. just use
/bin/ssh-dummy-shell)
Fire up sshd, and you should be all set..
-Tim
This is the closest that I could find on chroot'ing sftp-server which is the sftp daemon that ships with OpenSSH.
http://www.der-keiler.de/Mailing-Lists/securityfocus/focus-linux/2001-11/0092.html
The other idea is to use passive ftp and manually create (or script) the creation of the SSH tunnel between client and server.
The sftp-server will allow a connected user to roam the filesystem (just gave it a try).