December 3, 2009

Can scponly be installed on unRAID? I would like to offer file transfer over SSH but don't want to give console access. SCPonly is a good and easy way to combine both.

Thanks
Alphazo

December 16, 2009

Not sure about scponly, but openssh 5.1 (comes with unraid) is capable of jailing a user within a directory and providing sftp only access.

Here is an example for user directory jail for all users with primary group sftponly.

    Match Group sftponly
        ChrootDirectory %h
        ForceCommand internal-sftp
        AllowTcpForwarding no

August 31, 2010 (Author)

This is great information. It worked but I was unable to set the chrooted dir to a location within /mnt/usr. What would be the right configuration if I have for example /mnt/user/remotebackup/joe and a user called joe belonging to the sftponly group?

[EDIT] The following configuration works but only when using a chroot point outside /mnt/user. For example /mnt/disk3/mychrootpoint is ok.

    # chown root:root /mnt/disk3/backup/remoteuser
    # chmod 755 /mnt/disk3/backup/remoteuser
    # useradd -g sftponly -s /bin/false -d /mnt/disk3/backup/remoteuser remoteuser
    # passwd remoteuser

sshd_config

    Match Group sftponly
        ChrootDirectory %h
        ForceCommand internal-sftp
        AllowTcpForwarding no

Then I stop/start sshd from a telnet session.

Now if I simply replace /mnt/disk3/backup/remoteuser by a directory in the user share (e.g. /mnt/user/backup/remoteuser) then it stops working and the connection is dropped upon login.

Thanks
Alphazo

[edit] It is probably related, sshd man page states:

    ChrootDirectory
        Specifies a path to chroot(2) to after authentication. This path, and all its components, must be root-owned directories that are not writable by any other user or group.

In order to get it working with /mnt/usr/disk3 I had to make sure that /mnt, /mnt/usr, /mnt/usr/disk3 and /mnt/usr/disk3/backup were all 755.

The problem I see is that /mnt/user is not owned by root (500:500) and has 775 permission. Can that be changed to root:root / 755?

[EDIT - Solved] Well, I'm answering my own posts. I can access a directory under /mnt/user if I "mount --bind" it inside my chrooted dir.

Is there any limitation when using that solution (boot, array and system shutdown...)?

Thanks
Alphazo
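
The sshd man page rule quoted in the thread above (the ChrootDirectory path and all its components must be root-owned and not writable by group or others) can be checked one directory at a time before restarting sshd. This is an added example, not part of the original posts; `component_ok`, `check_chroot_path` and the optional uid argument are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the thread): report which component of a
# ChrootDirectory path breaks the ownership/mode rule from sshd_config(5).

# component_ok DIR [UID]: succeed if DIR is a directory owned by UID
# (default 0, which is what sshd requires) with no group/other write bit.
component_ok() {
    dir=$1 want_uid=${2:-0}
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory"; return 1; }
    # -d: the directory itself, -n: numeric ids, -L: follow symlinks
    info=$(ls -ldnL "$dir") || return 1
    mode=${info%% *}
    uid=$(printf '%s\n' "$info" | awk '{print $3}')
    case $mode in
        ?????w*|????????w*) writable=yes ;;   # 6th char = group w, 9th = other w
        *) writable=no ;;
    esac
    if [ "$uid" != "$want_uid" ] || [ "$writable" = yes ]; then
        echo "FAIL $dir: uid $uid, mode $mode"
        return 1
    fi
    echo "ok   $dir: uid $uid, mode $mode"
}

# check_chroot_path PATH [UID]: test / and every component down to PATH.
# Returns 0 if all pass, 1 if any component fails, 2 for a relative path.
check_chroot_path() {
    case $1 in
        /*) ;;
        *) echo "path must be absolute: $1" >&2; return 2 ;;
    esac
    path=$1 owner=${2:-0} bad=0 current=/
    component_ok / "$owner" || bad=1
    old_ifs=$IFS; IFS=/
    set -f; set -- $path; set +f      # split the path on "/" without globbing
    IFS=$old_ifs
    for part in "$@"; do
        [ -n "$part" ] || continue
        current=${current%/}/$part
        component_ok "$current" "$owner" || bad=1
    done
    return "$bad"
}

# Usage (path taken from the thread): check_chroot_path /mnt/user/backup/remoteuser
```

With the ownership described in the thread (500:500, mode 775 on /mnt/user), the /mnt/user line is the one reported as FAIL.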