chroot ssh/sftp on Tiger server

[jimlooney]

Hello,
I just noticed that when I moved from Leopard to Tiger, my FTP accounts now have shell access, thus SFTP access and they are not chrooted when using SFTP. I’ve read one site about installing scponly and building a new sftp server. [url]http://www.schwie.com/brad/macosxsftpchroot/[/url]

However, I am wondering if there is a better way to achieve chrooting ssh/sftp connections?

[jimlooney]

i was thinking “didn’t i do this before?”, so searched the site, and found an old post I did. Started to set up an access list but need to add root – possible? or does root remain immune to ACL?

[url]https://www.afp548.com/forum/viewtopic.php?forum=2&showtopic=11531[/url]

[jimlooney]

well i decided to just try it and guess what? root is not immune. So, anyone know how I can add root to the list?

[jimlooney]

nevermind. found the answer.

[code]sudo dseditgroup -o edit -a root -t user com.apple.access_ssh[/code]

[Author]

Posts