From owner-freebsd-questions  Wed Apr 17 17:33: 6 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from squid.tznet.com (squid.tznet.com [66.170.64.7])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4804037B404; Wed, 17 Apr 2002 17:33:01 -0700 (PDT)
Received: from mail.tznet.com (mail.tznet.com [66.170.64.2])
	by squid.tznet.com (8.11.2/8.11.2) with ESMTP id g3I0Wsf24142;
	Wed, 17 Apr 2002 19:32:54 -0500 (CDT)
Date: Wed, 17 Apr 2002 19:32:54 -0500 (CDT)
From: Scott Pilz <tech@tznet.com>
To: freebsd-questions@freebsd.org
Cc: freebsd-isp@freebsd.org
Subject: Secure Shell/FTP Questions
Message-ID: <20020417192702.P43790-100000@mail.tznet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


	I have two questions that no one seems to be able to answer for me
- nor can I find any straight forward answers over the internet. This is
my last hope . . .

	#1: sshd is enabled, and works - however, to my understanding you
cannot have secure ftp connections chrooted directly to the users home
directory like you can on normal FTP by putting the username in
/etc/ftpchroot. Can this be done? Is there another freeware program for
BSD that supports SSH/FTP that can do this?

	#2: What are you using for secure shells? I am currently using the
program chrsh which uses the chroot(8). It works well, but this comes to a
problem. For every program that people want to use, it has to be copied
into their bin directory. They cannot leave their chroot (their home
directory) but if they require so many programs, it's nearly impossible to
get many of them to work (for example, perl compiler which requires
multiple dependents).

	Lastly, what are most ISP's doing as far as secure shells and what
not? Is this the popular way of doing it, or is there a better way out
there?

	thanks in advance,

Scott


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message