I believe that scp and sftp both require shell access. For example
setting the user's shell to /bin/false creates a home directory for the
user which can be used to store files for proftpd sessions, however the
user would not be able to ssh, sftp or scp files. What exactly is your
goal? Do you need encryption on file uploads without shell access for
your users? While not an ideal solution, by any means there are a number
of open source utilities that run from a web browser which can be put on
ssl (https) from which the user can upload and download files securely
(when coupled with an adequate auth mechanism) As for the utilities
mentioned, I don't have any experience with those programs. Also, be
aware that jail shell and (IIRC) chroot jails can be circumvented. Hope
this helps point you in the right direction.
3715-B NW 97th Blvd.
Gainesville, FL 32606
Phone: (352) 332-3833
Fax: (352) 332-8252
Dan Stoner wrote:
> I want to allow users to upload files using sftp and scp in a web
> hosting environment.
> I don't want to give full shell access.
> The most popular choices (via google search) are rssh, scponly, or
> chroot jail.
> If you allow scp in your web hosting environments, how do you prevent
> shell access?
> Or... tell me why scp and sftp are silly and we should just use xyz
> Dan Stoner
> Network Administrator
> Florida Museum of Natural History
> University of Florida
> (352)392-1721 ext. 233