What is the easiest and cleanest way to create a chrooted SFTP on Centos 5.4?

Posted by benjisail on Server Fault See other posts from Server Fault or by benjisail
Published on 2010-03-10T09:28:55Z Indexed on 2010/03/22 22:01 UTC
Read the original article Hit count: 356

Filed under:

sftp

|

chroot

|

centos

|

openssh

Hi,

I would like to setup a SFTP with chroot (or equivalent) login to my Centos 5.4 server in a clean way. By clean way I mean by using only the YUM command if possible and with something easy to maintain and easy to extend (for example an easy way to add an extra SFTP user).

The problem with CentOS 5.4 is that OpenSSH is at version 4.3 in the repository so it is not possible to use the built in chroot capabilities of OpenSSH 4.8+.

Installing RSSH required to create manually a chrooted directory which don't seems easy to maintain to me.

MySecureShell is an other solution but it require an higher version of openSSL than the one which is in the repository.

I know that I could install manually an higher version of OpenSSH but I would lose all the advantage of the Yum command and it could become tricky to maintain if I want to do some updates in the futur...

Do you have an easy and clean way to setup a chrooted SFTP login on a centOS 5.4 server?

Thanks!

© Server Fault or respective owner

Related posts about sftp

Need a non-GUI SFTP tool better than "sftp"

as seen on Super User - Search for 'Super User'
'sftp' is seriously lacking relative to, say, ncftp: it has no command memory, no Tab-completion of file names, and so on. Is there a non-GUI tool for SFTP that people recommend? >>> More
Need a non-GUI SFTP tool better than "sftp"

as seen on Server Fault - Search for 'Server Fault'
'sftp' is seriously lacking relative to, say, ncftp: it has no command memory, no Tab-completion of file names, and so on. Is there a non-GUI tool for SFTP that people recommend? >>> More
SFTP jail & Keeping file ownership the same / File owner per folder

as seen on Server Fault - Search for 'Server Fault'
I want to setup a jailed SFTP account for a subfolder of another user's home folder, but want the owner of everything in that subfolder to stay the same, including new files and folders uploaded and created by the sftp user, while still allowing access to the files and folders of that subfolder as… >>> More
Enabling SFTP Access within PLESK

as seen on Server Fault - Search for 'Server Fault'
Hello everyone, I have a client who wants to ensure his upload is secure, so we are trying to enable SFTP for him on our Linux PLESK server. I have enabled SSH access to bin/bash for FTP accounts, and created a new user. When I attempt to SFTP using either the IP address or the domain name, this… >>> More
Free solution to backup folders to external SFTP server with shadow copy

as seen on Super User - Search for 'Super User'
I have an account in university on Linux machine with 10TB of free space accessible via SFTP. I would like to backup my Windows 7 x64 laptop to university. Currently I am using rsync+cygwin, but backup is pretty slow (without shadow copy) and I hate console window appearing every day on my screen… >>> More

Related posts about chroot

Chroot within chroot

as seen on Server Fault - Search for 'Server Fault'
I'm using Centos 5.2 and when I try to make a chroot jail using the script, I get: Copying libraries for /usr/bin/scp. (0x00007fff17bfe000) cp: cannot stat `(0x00007fff17bfe000)': No such file or directory ... I am currently using on a rackspace cloud server so i suspect that these dependencies… >>> More
start apache2 in chroot environment

as seen on Server Fault - Search for 'Server Fault'
This is my first time I am trying to install Apache2 HTTP server in a chroot environment. That's why i decided to follow this procedure : http://www.symantec.com/connect/articles/securing-apache-2-step-step my web server start with successful : root@ubuntu:/usr/local/apache2/bin/apachectl start [Tue… >>> More
OpenSSH SFTP server with chroot() + user with chroot exception

as seen on Server Fault - Search for 'Server Fault'
I am currently setting up an SFTP server but there is one detail I can't seem to figure out. When I add a user, I would like him to connect using his client and be able to write in his "root dir" right away. My Match case for the SFTP-users group currently has ChrootDirectory set as "/home/%u",… >>> More
Chroot into a 32 bit version of ubuntu from a 64 bit host

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a piece of software that only runs on 32 bit linux (Xilinx webPack 10.1, apperently it 'has' to be the old version because that's the latest one compatible with their boards), anyway, this version is only compatible with 32 bit linux. So, I head off to this page to see what I can do: https://help… >>> More
Chroot with CentOS 5.3 + openssh 4.3p2

as seen on Server Fault - Search for 'Server Fault'
OS: CentOS 5.3, with openssh 4.3p2 Trying to set 'chroot' in ssh shell, but openssh version prior to 4.8 doesn't take below settings. yum update openssh open up to version 4.3 which is quite old. Doesn't CentOS support openssh 4.8 or up? If that's the case, how to set chroot with openssh 4.3? or… >>> More