sftp and chroot

Hi everybody,

First, sorry for my bad English.

I have installed a secure FTP server and it is "chrooted".

When a chrooted user logs in with ssh, no problem. The user is jailed in
this home directory.

But, with sftp, I get an error message after entering the password.

$sftp -vvv toto@sftp_server output:

debug3: packet_send2: adding 48 (len 61 padlen 19 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: ssh-userauth2 successful: method password
debug1: fd 4 setting O_NONBLOCK
debug2: fd 5 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug1: send channel open 0
debug1: Entering interactive session.
debug2: callback start
debug1: ssh_session2_setup: id 0
debug1: Sending subsystem: sftp
debug1: channel request 0: subsystem
debug2: callback done
debug1: channel 0: open confirm rwindow 0 rmax 32768

Received disconnect from xxx.xxx.xxx.xxx: 2: Could not create socket
pairs: No such file or directory

debug1: Calling cleanup 0x805b060(0x0)
debug1: channel_free: channel 0: client-session, nchannels 1
debug3: channel_free: status: The following connections are open:
  #0 client-session (t4 r0 i0/0 o0/0 fd 4/5)

debug3: channel_close_fds: channel 0: r 4 w 5 e 6
debug1: Calling cleanup 0x80674d0(0x0)
Couldn't read packet: Connection reset by peer

I have tried sftp without chroot and it works fine.

Can anybody help me?

Thanks in advance,


Re: sftp and chroot

On Thu, 12 Feb 2004 15:41:10 +0100, Valhalla wrote:

I do not know much about this subject, but I think your problem is that many
files and directories aren't available after doing the chroot.
Think about this: If your home directory becomes your root-dir, you haven't
any /dev files/directory and even no /bin, ...
So there is much to do if you want to set up such a chroot configuration.
Hope this helps.
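
An added example, not part of the original thread: a POSIX shell check for the gap the reply above describes, a jail that lacks device nodes, binaries and the libraries those binaries load. The jail path, the binary paths and the /dev list are assumptions to adjust for your own sshd build.

```shell
#!/bin/sh
# Added example: audit a chroot jail for files an ssh/sftp session may need.
# All paths below are assumptions; they are not taken from the thread.

# missing_libs JAIL BINARY
# Lists shared libraries (as resolved by the host's ldd) that BINARY needs
# but that do not exist under JAIL.
missing_libs() {
    jail=$1 bin=$2
    { ldd "$jail$bin" 2>/dev/null || true; } |
        awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' |
        sort -u |
        while read -r lib; do
            [ -e "$jail$lib" ] || echo "missing-lib: $lib (needed by $bin)"
        done
}

# audit_jail JAIL BINARY...
# Prints one finding per line; prints nothing when nothing is missing.
audit_jail() {
    jail=${1%/}; shift
    # Assumed minimal device set. Nodes must be character devices,
    # a regular file named "null" is not a substitute.
    for dev in /dev/null /dev/zero; do
        if [ ! -e "$jail$dev" ]; then
            echo "missing: $dev"
        elif [ ! -c "$jail$dev" ]; then
            echo "not-chardev: $dev"
        fi
    done
    for bin in "$@"; do
        if [ ! -x "$jail$bin" ]; then
            echo "missing-or-not-executable: $bin"
        else
            missing_libs "$jail" "$bin"
        fi
    done
}

# Example invocation (hypothetical jail and binary paths):
#   audit_jail /home/toto /bin/sh /usr/libexec/openssh/sftp-server
```

Each binary is passed by the path it has inside the jail, so the login shell and the sftp-server binary configured for the sftp subsystem are the natural arguments.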


Re: sftp and chroot

Given the correct operation of ssh in the chroot cage, whatever does one
need SFTP for? Why not use a graphical SCP client, which overall will give
you exactly the same results?

SFTP seems to be an unfortunately failed attempt to provide an FTP-like
client on top of SSH. Since the typical server version of it lacks critical
FTP commands like "mget", "mput" due to its refusal to incorporate
"globbing", it doesn't support "ls -lR", and since it does not understand
how to correctly transfer symbolic links as anything other than the files or
directories they point to, I find it completely useless.

In fact, most cases of needing an SSH chroot cage are more easily and better
served by using WebDAV riding on top of Apache with SSL, providing built-in
access via Windows2K, Windows XP, most Linux distributions, and trivial
access for Macintoshes and other platforms with the "WebDAV" based Java
