| Paul DiSciascio on 6 Aug 2015 14:41:23 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users |
It looks like ProFTPD can provide mod_sftp which implements the ssh layer and the sftp subsystem. Using that instead of openssh should support the options discussed below. http://www.proftpd.org/docs/contrib/mod_sftp.html That said, if this is an openssh sftp configuration, I also cannot find any documentation to indicate that an .ftpaccess file would be honoured. ~Paul On 08/06/2015 05:33 PM, Matt Mossholder wrote: > On Thu, Aug 6, 2015 at 3:00 PM, Michael Lazin <microlaser@gmail.com > <mailto:microlaser@gmail.com>> wrote: > > a .ftpaccess like this should work: > > > <Limit STOR> > > Order Allow, Deny > Deny All > </Limit STOR> > > > I tested it on debian and it prevents both ftp and scp uploads. > > > Isn't .ftpaccess a ProFTPD thing, and not an SSH thing? Googling around > for combinations of ssh, scp and .ftpaccess doesn't make me think that > OpenSSH will honor .ftpaccess files, nor does the ProFTPD site make me > think ProFTPD handles scp or sftp.... > > --Matt > > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug