This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: SFTP doesn't work with ChrootDirectory option set

Actually my real objective is to use chroot for SFTP. I am planning to disable ssh login in the final configuration, I was using ssh just for testing the sshd capability for chrooting.

--- On Mon, 11/17/08, Eric Blake <> wrote:

> From: Eric Blake <>
> Subject: Re: SFTP doesn't work with ChrootDirectory option set
> To:,
> Date: Monday, November 17, 2008, 9:33 PM
> Hash: SHA1
> According to TheO on 11/17/2008 2:24 PM:
> > Hi,
> > 
> > I have Cygwin with OpenSSH version 5.1p1-9 installed.
> > 
> > I managed to make ssh with chroot to work by using
> ChrootDirectory in sshd_config and copying /bin/bash to the
> chroot directory.
> chroot on cygwin is NOT a security measure; it is just an
> emulation to
> ease porting.  The API exists, and allows cygwin apps to
> recognize a
> different root.  But the fact remains that you can spawn a
> non-cygwin
> program, which doesn't honor the chroot, and all files
> outside of the
> chroot area are once again accessible.  Therefore, if
> chroot doesn't add
> security, then why should ssh, which is all about security,
> even try to
> honor ChrootDirectory?
> - --
> Don't work too hard, make some time for fun as well!
> Eric Blake   
> Version: GnuPG v1.4.9 (Cygwin)
> Comment: Public key at
> Comment: Using GnuPG with Mozilla -
> =50X0


Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]