Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

scponly

Featured Replies

Can scponly be installed on unRAID?  I would like to offer file transfer over SSH but don't want to give console access. SCPonly is a good and easy way to combine both.

 

Thanks

Alphazo

  • 2 weeks later...

Not sure about scponly, but openssh 5.1 (comes with unraid) is capable of jailing a user within a directory and providing sftp only access.

Here is an example for user directory jail for all users with primary group sftponly.

 

Match Group sftponly

        ChrootDirectory %h

        ForceCommand internal-sftp

        AllowTcpForwarding no

 

  • 8 months later...
  • Author

This is great information. It worked but I was unable to set the chrooted dir to a location withing /mnt/usr. What would be the right configuration if I have for example /mnt/user/remotebackup/joe  and a user called joe belonging to the sftponly group?

 

[EDIT]

The following configuration works but only when using a chroot point outside /mnt/user. For example /mnt/disk3/mychrootpoint is ok.

 

# chown root:root /mnt/disk3/backup/remoteuser
# chmod 755 /mnt/disk3/backup/remoteuser
# useradd remoteuser -g sftponly -s /bin/false -d /mnt/disk3/backup/remoteuser remoteuser
# passwd remoteuser

 

sshd_config

Match Group sftponly
        ChrootDirectory %h
        ForceCommand internal-sftp
        AllowTcpForwarding no

 

Then I stop/start sshd from a telnet session.

 

Now if I simply replace /mnt/disk3/backup/remoteuser by a directory in the user share (e.g /mnt/user/backup/remoteuser) then it stops working and connection is dropped upon login.

 

Thanks

Alphazo

 

[edit]

It is probably related, sshd man page states:

 

ChrootDirectory
Specifies a path to chroot(2) to after authentication. This path, and all its components, must be root-owned directories that
are not writable by any other user or group. 

 

In order to get it working with /mnt/usr/disk3 I had to make sure that /mnt /mnt/usr /mnt/usr/disk3 /mnt/usr/disk3/backup were all 755.

 

The problem I see is that /mnt/user is not owned by root (500:500) and has 775 permission. Can that be changed to root:root / 755?

 

[EDIT - Solved]

Well, I'm answering my own posts. I can access a directory under /mnt/user if I "mount --bind" it inside my chrooted dir.

Is there any limitation when using that solution (boot, array and system shutdown...) ?

 

Thanks

Alphazo

 

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.