I have been struggling with this for two days. I had this working easily in a previous version of FreeBSD using scponly. I am not sure but it appears to be broken now. I can scp to the sshd but not sftp. It errors with "Cannot initialize SFTP protocol. Is the host running a SFTP server?"
I have read several posts and threads regarding this problem but have not been able to come up with a solution. It appears that scponly now comes with a script that is to be run at start. I add it to my rc.conf and then try to run the script and this is what I get.
Since I am only a FreeBSD user and not a power user I have no idea why I am getting this error.
I also read that modern openssh includes a way to chroot users to their directory but I have not found any documentation explaining the process. I also see that it does it automatically if you have a /home/userdir/./ directory but I dont know how to create that.
Does anyone have any suggestions to help me get this working properly?
This is running inside of a jail btw but there are other things in the jail that I do not want the sftp/scp user to look at so I want them locked to their home dir.
this is FreeBSD 8.1-RELEASE
I have read several posts and threads regarding this problem but have not been able to come up with a solution. It appears that scponly now comes with a script that is to be run at start. I add it to my rc.conf and then try to run the script and this is what I get.
Code:
# /usr/local/etc/rc.d/scponlyc start
sftptest/dev
mount: dev : Operation not permitted
/usr/local/etc/rc.d/scponlyc: WARNING: devfs_domount(): Unable to mount devfs on /home/sftptest/dev
devfs rule: ioctl DEVFSIO_RGETNEXT: Operation not permitted
Since I am only a FreeBSD user and not a power user I have no idea why I am getting this error.
I also read that modern openssh includes a way to chroot users to their directory but I have not found any documentation explaining the process. I also see that it does it automatically if you have a /home/userdir/./ directory but I dont know how to create that.
Does anyone have any suggestions to help me get this working properly?
This is running inside of a jail btw but there are other things in the jail that I do not want the sftp/scp user to look at so I want them locked to their home dir.
this is FreeBSD 8.1-RELEASE