Finally managed to create a jailed SFTP server, but how secure?
Fri Dec 5 19:47:00 GMT 2008
> From what we've seen so far, it seems that SFTP responds as expected.
> That is all that I want to know.
> From this point forward, we must try to close all other access ways
> that does not belong to the scenario... but those are not excuses to
> not implement the SFTP chroot.
Actually, my real case is even simpler than this. My SFTP users are all "friendly",
they are not unknown to me. It is a cooperative environment and to be honest, I
don't believe that they would harm my system by hacking into it.
But I don't want them to poke around and see the content of other directories which
do not concern them, read my config files, see who other users are or list the content
of my C: drive, ...
Yes so far the set up looks as expected. However, I would have preferred better if
/cygdrive was not visible too even if they can't do anything with it. Ideally there
should not be anything which could give them any hint on the type of my platform.
I don't know who creates /cygdrive here. It is not required in this chroot'ed
environment. My guess, it is created by sftp-server at start up (regardless whether
it runs under chroot'ed environment or not). Maybe someone can confirm this better than
One more thing to add.
According to its RFC (4254), once a session is established, SSH allows the client to specify
anycommand to execute or any subsystem to be spawned on the server side.
But I think I am safe here too because;
1. I only put sftp subsystem in the sshd_config so any other subsystem request will fail.
2. No command can be executed since it requires /bin/bash (or another shell as defined by
/etc/passwd) to be present in the jail.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
More information about the Cygwin