Up-to-date alternatives of rssh or scponly
9,643
Solution 1
I recommend to just use the common chrooted internal-sftp that is included with most OpenSSH servers. SFTP clients are available on all operating systems so I do not see any problems with adoption.
You might also want to refer to this other serverfault question to allow SFTP but not SSH to assist you with your setup.
Solution 2
One possibility is ProFTPD's mod_sftp
module, which does just what you want (chroot, SCP/SFTP only, no shell).
Hope this helps!
Author by
Julen Larrucea
Updated on September 18, 2022Comments
-
Julen Larrucea over 1 year
I need:
- An scp and sftp server
- With chroot-ed environment
- With non-login (ssh not allowed for scp/sftp users)
Options and related issues I found:
scponly
- No updates since more than 6 years
- Does one really need to recompile the whole thing to make changes in the configuration??
rssh
- It is told to have plenty of security issues
- No updates since plenty of years
- The author himself says that "rssh is done. Period"
- Ubuntu seems to be maintaining it somehow. Unfortunately, I need it for a CentOS server
ssh-server
- It does the job with sftp and the chroot, but not with sftp
- Otherwise it seems quite OK
So, I was wondering what other options might be out there, or how does this particular issue get handled by others.
-
Julen Larrucea over 6 yearsWell... I followed your advice and stuck to the good old OpenSSH server for now. But that ProFTPD mentioned above sounds really good too, and it seems to support scp and plenty of other stuff.