X-Recipient: archive-cygwin@delorie.com
X-Spam-Check-By: sourceware.org
References: <664060.6380.qm@web34704.mail.mud.yahoo.com> <49341625.2090804@cygwin.com> <933558.98400.qm@web34705.mail.mud.yahoo.com> <4934527E.2070200@cygwin.com> <961872.64997.qm@web34701.mail.mud.yahoo.com> <493568B8.3010308@cygwin.com> <49376.99112.qm@web34702.mail.mud.yahoo.com> <20081202231141.GA5449@ednor.casa.cgf.cx> <451120.45664.qm@web34703.mail.mud.yahoo.com> <4935DD4B.7050907@cygwin.com>
Date: Tue, 2 Dec 2008 23:29:57 -0800 (PST)
From: TheO <idgajelas@yahoo.com>
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?
To: cygwin@cygwin.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <690548.2534.qm@web34702.mail.mud.yahoo.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

Hi again,

I am afraid I have to ask for clarification again :(, I hope this is the last 
time before I am on my own with this:



> 
> No, you cannot hide it.  It is created by Cygwin itself as a convenience
> to access the virtual 'cygdrive' directory.  This is one of a number of
> virtual directories ('/proc' and '/dev' come to mind) that Cygwin supports.
> See the description of "Special filenames" in the User's Guide for more
> details.
> 

I understand why all these virtual directories are necessary at the absolute
'/' root level. But here I refer to /cygdrive which is created inside the jail
directory, which means in absolute path, /jail/cygdrive (/jail being the root 
of my jail). Inside the jail, only /cygdrive is created, no other virtual 
directories (/proc or /dev/xxx) or files are created.



> 
> In 1.7, there is a
> new authentication module that will solve these and other pubkey
> authentication problems.  But 1.7 is not currently released and it's
> release date is not decided.
> 

Thanks for this input. I suppose that to be on safe side, I must restrict 
it to password based authentication only if I use the current Cygwin.



And finally one more question. I am only aware of two subsystems supported
by sshd more or less implicitely; sftp and shell (interactive logon). Is there
any other subsystems which are handled by sshd implicitely (without me having
to add anything to /etc/sshd_config)?

Thanks again.



      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/