Install
apt-get update
apt-get install scponly
Reconfigure scponly to do chrooting.
dpkg-reconfigure scponly
Setup chroot
Debian has a script to help you with this task, but it's not without problems.
cd /usr/share/doc/scponly/setup_chroot
gunzip setup_chroot.sh.gz
sh setup_chroot.sh
> maybe use in/ instead of incoming/ ;)
Fixing chroot made by the script
And there are the problems:
- The chroot is not working
- Chroot is not updated as setup_chroot.sh just use cp
The first is not that hard to fix:
cp /lib64/ld-linux-x86-64.so.2 /home/scponly/lib
ln -s lib /home/scponly/lib64
mkdir /home/scponly/dev
cp -a /dev/null /home/scponly/dev
Fix for Winscp and some other clients
Compile this small programm to groups and copy it to /home/scponly/bin.
#include <string.h>
main()
{
const char out[] = "root users\n";
write(1, out, strlen(out));
return 0;
}
diet gcc -O2 -s groups.c -o groups
cp groups /home/scponly/bin
Done
There is now a fully working chrooted scponly environment.
To upload something:
scp <FILE> scponly@<HOST>:in/
In my next post i'll descibe a possible solution for a chroot setup without any hassels and need to keep it in sync with the host-system.
Owner login
