Why isn't it possible to use a mechanism like the one provided by the open source software proftpd for ftp? This server sets up virtual ftp servers and accounts, doesn't use /etc/passwd for the user administration and has the possibility to simulate the home directory for each user as the root directory. There is no possibility for the user to break out. I know that SFTP and SCP are just subprocesses of ssh, but perhaps there is a possibility in the future to change the working mechanism of the sftp/scp servers in order to support such features. In my opinion, what we have at this time with the sftp server is very basic.
Regards
Michael Eisele
T-Systems International GmbH Computing & Desktop Services BusinessConnect Services BCS/C
Postal address: Postfach 100258, D-70746 Leinfelden-Echterdingen
Street address: Fasanenweg 11, D-70771 Leinfelden-Echterdingen
Telephone: +49 (711) 972 - 49490
Fax: +49 (711) 972 - 95949
E-Mail: michael.eisele@t-systems.com
Internet: http://www.t-systems.com
> -----Original Message-----
> From: Tim Greer [mailto:chatmaster@charter.net]
> Sent: Monday, 23 June 2003 17:47
> To: Dan Gapinski; filipi@em.pucrs.br; Yukinori Shishime
> Cc: secureshell@securityfocus.com; yuki@mbc.ocn.ne.jp
> Subject: Re: sftponly
>
> Agreed. Chrooting is not the end-all solution and can be http://www.securityfocus.com/archive/121/318568/2003-04-09/2003-04-15/1
> > > > > Subject: SFTP without SSH session access

Received on Tue Jun 24 12:12:23 2003