Up-to-date alternatives of rssh or scponly

9,643

Solution 1

I recommend to just use the common chrooted internal-sftp that is included with most OpenSSH servers. SFTP clients are available on all operating systems so I do not see any problems with adoption.

You might also want to refer to this other serverfault question to allow SFTP but not SSH to assist you with your setup.

Solution 2

One possibility is ProFTPD's mod_sftp module, which does just what you want (chroot, SCP/SFTP only, no shell).

Hope this helps!

Share:
9,643
Julen Larrucea
Author by

Julen Larrucea

Updated on September 18, 2022

Comments

  • Julen Larrucea
    Julen Larrucea over 1 year

    I need:

    • An scp and sftp server
    • With chroot-ed environment
    • With non-login (ssh not allowed for scp/sftp users)

    Options and related issues I found:

    scponly

    • No updates since more than 6 years
    • Does one really need to recompile the whole thing to make changes in the configuration??

    rssh

    • It is told to have plenty of security issues
    • No updates since plenty of years
    • The author himself says that "rssh is done. Period"
    • Ubuntu seems to be maintaining it somehow. Unfortunately, I need it for a CentOS server

    ssh-server

    • It does the job with sftp and the chroot, but not with sftp
    • Otherwise it seems quite OK

    So, I was wondering what other options might be out there, or how does this particular issue get handled by others.

  • Julen Larrucea
    Julen Larrucea over 6 years
    Well... I followed your advice and stuck to the good old OpenSSH server for now. But that ProFTPD mentioned above sounds really good too, and it seems to support scp and plenty of other stuff.