[wplug] WedDAV, SFTP, chroot, oh my!

n schembr nschembr at yahoo.com
Fri May 30 15:32:45 EDT 2008


I've never had a need for this kind of work, but what about using two instances of sshd. Run one copy inside the jail and the other to access the system.

SFTP clients 
http://code.google.com/p/sshdrive/ is a new project, May 23.
http://www.sftpdrive.com/ is $39.00 per seat.
http://winscp.net/eng/index.php is gpl.

This might work. I can see using qemu or vmware server with a super small load. http://www.wynia.org/wordpress/2007/02/08/sshfs-on-windows-via-samba-shares-on-ubuntu-vmware/

----- Original Message ----
From: Scott F. Kiesling <kiesling+ at pitt.edu>
To: wplug at wplug.org
Sent: Friday, May 30, 2008 11:38:17 AM
Subject: [wplug] WedDAV, SFTP, chroot, oh my!

Hi WPLUGgers-

I have been trying to set up a small system so that I can
share some files among a small group of researchers. I had
used OpenGroupware for a while but have found it spotty, and
I only really need to have a place where the research team
can exchange files. I am running Archlinux on my main work
PC with a static IP address and domain name, so I thought
at first I would simply have severyone SCP or SFTP. 

But then I found WebDAV and it looked like exactly what I
needed. I have implemented it, but those colleagues using
windows find it very hard if not impossible to connect with
digest authentication. The problem is clearly windows and
I'm not sure there are any configuration tweaks left for me
to try!

I have gone back to SFTP, but I am not clear on how to use
the ChrootDirectory in OpenSSH to limit the directories my
users can get to (without limiting my own ability to ssh
into the box without a chroot jail). I do not want to let
them roam the entire directory structure and delete
something important.

That's what I've tried so far. Features I'm after:
1. Security
2. Ability to put and retrieve files (that's it).
3. Easy to connect to for users of any platform
4. Security

I'd especially like to hear if anyone has any suggestions I
haven't already tried.

Thanks
Scott



_______________________________________________
wplug mailing list
wplug at wplug.org
http://www.wplug.org/mailman/listinfo/wplug



More information about the wplug mailing list