The last releases of ProFTP contan a module, called mod_sftp. Yes. This is just the thing I was searching for years, trying to achive chrooted ssh with OpenSSH (see internal SFTP option), but now with a lot better solution.
But the thing is… Ubuntu’s last LTS, 10.04 only has a version lower of ProFTPd. Compile? Yes, one solution, the hardcore way. The lazy way: Debian Sid, the current unstable version, and it’s packages:
First, the two dependency package:
And the ProFTPd itself:
dpkg -i *
comment out the line, we don’t need it for now.
add a line
/etc/proftpd/proftpd.conf, and add the following:
<ifmodule mod_sftp.c> SFTPEngine on SFTPLog /var/log/proftpd/sftp.log TransferLog /var/log/proftpd/xferlog-sftp.log # Configure the server to listen on the normal SSH2 port, port 22 Port 22 # Configure both the RSA and DSA host keys, using the same host key # files that OpenSSH uses. SFTPHostKey /etc/ssh/ssh_host_rsa_key SFTPHostKey /etc/ssh/ssh_host_dsa_key # Configure the file used for comparing authorized public keys of users. SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys # Enable compression SFTPCompression delayed # Allow the same number of authentication attempts as OpenSSH. # # It is recommended that you explicitly configure MaxLoginAttempts # for your SSH2/SFTP instance to be higher than the normal # MaxLoginAttempts value for FTP, as there are more ways to authenticate # using SSH2. MaxLoginAttempts 3 </ifmodule>
You’ll also need the change the port of the OpenSSH server, but that’s recommended anyway.