From owner-freebsd-questions@FreeBSD.ORG Thu Dec 9 11:55:08 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A3677106566B for ; Thu, 9 Dec 2010 11:55:08 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by mx1.freebsd.org (Postfix) with ESMTP id 3B10E8FC08 for ; Thu, 9 Dec 2010 11:55:07 +0000 (UTC) Received: by qwj9 with SMTP id 9so2490469qwj.13 for ; Thu, 09 Dec 2010 03:55:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=jb8VcjmpJNbWPMpaoNycquvOuNEGoBiI+EUjBCl+B8c=; b=bu8WM13BX+uJp4sQvIpnbPV43L4yxWPaytHgmrkoM/RIxCkH+RLIeVgsquVWngY9ge A5hMqaCtbeHwYDTY49XdQGTxGbWx2FH+K1p+/6u/vNCsen1MV3uE1Va5mqL+ZC1m6cNk Ne3Y4FcaF/IphtFZ6GraCTf2BvhQ2922vOAtY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=wMYaY90SVqEKQ19WePiqahozrulyTSgXvnnhzeZIbW5X3mf0i0UeSYqUYtAY9vRWcc q5DlD8UA1syIh/XybfAMC3sXcySjE0HF4flaKl28dURJR3FHGzmboiLD1SvYdsjaFzKf 0YSJJEQ5+/T1CwLtI/EankoZgbxIqxdpvATeM= MIME-Version: 1.0 Received: by 10.229.91.147 with SMTP id n19mr7885015qcm.145.1291895707119; Thu, 09 Dec 2010 03:55:07 -0800 (PST) Received: by 10.229.217.210 with HTTP; Thu, 9 Dec 2010 03:55:06 -0800 (PST) In-Reply-To: References: <20101208155125.E6126@maildrop.int.zabbadoz.net> <20101208163047.S6126@maildrop.int.zabbadoz.net> <1865384339-1291839108-cardhu_decombobulator_blackberry.rim.net-1153938124-@bda947.bisx.prod.on.blackberry> Date: Thu, 9 Dec 2010 12:55:06 +0100 Message-ID: From: Redd Vinylene To: krad Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: joseph.bashe@gmail.com, questions , Chris Brennan Subject: Re: FTPD not working properly on jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Dec 2010 11:55:08 -0000 On Wed, Dec 8, 2010 at 11:24 PM, krad wrote: > > > On 8 December 2010 20:07, Joseph Bashe wrote: > >> But he mentioned he needs some sort of 'virtual' (I'm assuming chroot) >> feature; this is not possible with sftp afaik. >> . >> > > > Its totally possble to chroot the sftp, and I have done it several times. > Something like the below will isolate each user > > Match Group sftponly > ChrootDirectory /home/chroot/%u > > X11Forwarding no > AllowTcpForwarding no > ForceCommand internal-sftp > > > he might need something more like this so they can share data > > Match Group sftponly > > ChrootDirectory /home/chroot/ > X11Forwarding no > AllowTcpForwarding no > ForceCommand internal-sftp > > > I would love to try that sometime - but right now I have to get this regular ftp working. Just to recap - I'm trying to set up a virtual vsftpd-ssl-2.3.2 server so my band can share new tracks, production material and what not, but my SSL certificate keeps messing it up: http://pastie.org/1358536 - anybody know why? It works just fine when I disable the SSL. Many thanks!