Finally managed to create a jailed SFTP server, but how secure?

Roger Wells
Fri Dec 5 21:19:00 GMT 2008

TheO wrote:
>> From what we've seen so far, it seems that SFTP responds as expected.
>> That is all that I want to know.
>> From this point forward, we must try to close all other access ways
>> that do not belong to the scenario... but those are not excuses to
>> not implement the SFTP chroot.
> Actually, my real case is even simpler than this. My SFTP users are all "friendly", 
> they are not unknown to me. It is a cooperative environment and to be honest, I 
> don't believe that they would harm my system by hacking into it.
> But I don't want them to poke around and see the content of other directories which
> do not concern them, read my config files, see who other users are or list the content
> of my C: drive, ...
> Yes, so far the set up looks as expected. However, I would have preferred it if
> /cygdrive was not visible too even if they can't do anything with it. Ideally there
> should not be anything which could give them any hint on the type of my platform.
If you are concerned about the "cygdrive" text there is a registry entry 
where you can set that to whatever you want including "". That is what I 
do. I would tell you what it is but my Windows machine is not here right 
now. Then when you "ls /" you get /c, /d etc instead of /cygdrive/c, 
/cygdrive/d, etc.
roger wells
> I don't know who creates /cygdrive here. It is not required in this chroot'ed 
> environment. My guess, it is created by sftp-server at start up (regardless of whether
> it runs under chroot'ed environment or not). Maybe someone can confirm this better than
> me.
> One more thing to add.
> According to its RFC (4254), once a session is established, SSH allows the client to specify
> any command to execute or any subsystem to be spawned on the server side.
> But I think I am safe here too because:
> 1. I only put sftp subsystem in the sshd_config so any other subsystem request will fail.
> 2. No command can be executed since it requires /bin/bash (or another shell as defined by
>    /etc/passwd) to be present in the jail.
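As an added example (not part of this thread and not the poster's own setup), a hardened sshd_config Match block for an SFTP-only group that addresses the two points above with server-side settings rather than by relying on what is absent from the jail. It assumes OpenSSH 4.8 or later (ChrootDirectory and internal-sftp); the group name `sftponly` and the use of the home directory as jail root are placeholders.

```conf
# Global: only the SFTP subsystem is offered (as in the post), but point it
# at the in-process implementation so no sftp-server binary, shell or
# /etc/passwd lookup is needed inside the jail.
Subsystem sftp internal-sftp

# Applies only to members of the (assumed) sftponly group.
Match Group sftponly
    # Jail root: every path component must be owned by root and not be
    # group- or world-writable, or sshd refuses the login. %h = user's home.
    ChrootDirectory %h
    # Whatever command or subsystem the client requests (the RFC 4254 point
    # above), the session runs the in-process SFTP server instead.
    ForceCommand internal-sftp
    # Close the other channel types an otherwise "friendly" user could open.
    AllowTcpForwarding no
    X11Forwarding no
    PermitTunnel no
    AllowAgentForwarding no
```

Validate with `sshd -t` before restarting; because the jail root must be root-owned, uploads need a user-writable subdirectory below it.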
