OpenSSH anything like 'internal-sftp' but for SCP?

ssh scp sftp chroot jail

Take a look at rssh which is an alternative shell that allows limited access to a system.

rssh is a restricted shell for providing limited access to a host via ssh(1), allowing a user whose shell is configured to rssh to use one or more of the command(s) scp(1), sftp(1) cvs(1), rdist(1), and rsync(1), and only those commands.

You can configure which commands can be used on a per-user or system wide basis using the rssh.conf file

Alternatively you can use scponly to do what you want. It acts as a wrapper to the ssh suite and allows file transfer but not shell access.


Do you need to do this through ssh?

IF so you can try setting their shell to:

/usr/libexec/openssh/sftp-server

And make sure you add the above into /etc/shells

If you want to decouple from using built in accounts, you can setup proftpd

I setup a secure SFTP using proftpd. compiled proftpd like so:

./configure --prefix=/usr --sysconfdir=/etc --with-modules=mod_sftp

Can use this article below, and some more on google on how to set it up:

http://tutorialgenius.blogspot.com/2012/02/linux-installing-and-configuring.html

Related

VPN: ERROR: Linux route add command failed
Which program defaults uses syslog local[0-7] facilities?
EC2 Update my existing AMI
nginx : no live upstreams while connecting to upstream
How do I forcibly unmount when I'm getting stale nfs file handles?
How does the ssh-keygen .pub format work with .pem files?
overriding nginx access_log directive - duplicate log entries
Setting Mercurial with Active Directory authentication and authorisation
What does the .autorelabel file do in Linux?
Can you determine which Apache modules have been used and can be removed?
Are ZFS clustered filesystems possible?
Can I replace my domain controller with Azure Active Directory? [duplicate]