Comments on Chrooted SFTP With MySecureShell On Debian Etch

Chrooted SFTP With MySecureShell On Debian Etch This tutorial shows how to install MySecureShell on a Debian Etch system. MySecureShell is an SFTP server that is based on OpenSSH and can be configured in many ways, e.g. it has support for chrooting users into their homedirs or for limiting upload-/download bandwidths. MySecureShell makes SFTP available for users that do not have shell access so that these users do not have to use the insecure FTP protocol anymore.

5 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By:
Reply  

Very nice howto however on Ubuntu Gutsy Gibbon there's libssl0.9.8 which is incompatible to the mysecureshell_0.95_i386.deb.

 But that's no big issue as you can easily compile this by hand:

 (1) install build-essential (if you haven't done so already)

sudo apt-get install build-essential

(2) download the sources

wget http://garr.dl.sourceforge.net/sourceforge/mysecureshell/MySecureShell-0.95_source.tgz

 (3) untar the sources

tar xvfz MySecureShell*

(4) cd into the dir

cd MySecureShell*

 (5) configure it

./configure

(6) compile it

make

(7) install it

sudo make install

although a friend has recommended to use rather checkinstall

sudo checkinstall

That's it :) 

By: Anonymous
Reply  

For debian testing which i happen to use there is repos also >

# MySecureShell

deb http://mysecureshell.free.fr/repository/debian testing main 
deb-src http://mysecureshell.free.fr/repository/debian testing main

but only for amd64 & i386 architectures it seems.
found it here > http://mysecureshell.free.fr/forum/viewtopic.php?id=16

By: Kalin Mandaliev
Reply  

Great job Falko. Very nice how to....  

By:
Reply  

I've had some problems with the server.
I could connect without errors but when I've tried to send a file an error showed up.

Changing settings in the configuration file helped.If You'd got similar problems,check these lines:

LimitConnection        10
LimitConnectionByUser    2
LimitConnectionByIP    2

and set them as needed but >1. 

By: Ladowny
Reply  

Great stuff, been looking for something like that for ages. However it took me some time to figure out why it does not chroot on one of machines, for an account with non-default home dir ( not /home/$user ),

It does not read the home dir from /etc/passwd, but from /etc/ssh/sftp_config 

I was getting access denied error for the home dir specified in /etc/passwd ( not /home/$user ) when issuing ls command, and pwd returned the complete dir not just "/"

 Sorted that by adding

<Group mygroup>
        Home                    /smysftpfolder/myuser
</Group>

to /etc/ssh/sftp_config