The Greatest Linux Blog on the Internets. » read post

Serve files via scp or sftp, without giving full shell access to users

  • March 1st, 2008

The scp and sftp commands, as part of the OpenSSH suite, are great secure ways to transfer files around … they generally make a great secure alternative to FTP. However, I’d often wondered if there was a way of allowing file transfer with scp or sftp without giving users a full SSH-accessible shell account on my machine. Who knows what they may run :P

Ubuntu Geek has the answer, with this quick writeup on how to install and configure scponly.

scponly runs in a chrooted environment (under /home/scponly by default), which in theory should stop users fiddling with your machine via ssh, but will still give them read/write access to the incoming directory within the chrooted directory tree.

I probably wouldn’t trust it for unrestricted public access (since I’m just paranoid about things like this, unless it’s a really well known tool on a properly secured server), but it certainly would be useful for friends, family, colleagues and collaborators.


Links in this article


Related posts:

  • Edit remote files over SSH / SCP using GVim
  • Mounting USB key in Ubuntu Gutsy 7.10, the usefree error
  • Replacing tabs with spaces in Python code

    • Trackback URL for this post: http://linuxblog.pansapiens.com/2008/03/01/serve-files-via-scp-without-giving-shell-access-to-users/trackback/

    Want your say?

    XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>