X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
References: <664060 DOT 6380 DOT qm AT web34704 DOT mail DOT mud DOT yahoo DOT com> <49341625 DOT 2090804 AT cygwin DOT com> <933558 DOT 98400 DOT qm AT web34705 DOT mail DOT mud DOT yahoo DOT com> <4934527E DOT 2070200 AT cygwin DOT com> <961872 DOT 64997 DOT qm AT web34701 DOT mail DOT mud DOT yahoo DOT com> <493568B8 DOT 3010308 AT cygwin DOT com> <49376 DOT 99112 DOT qm AT web34702 DOT mail DOT mud DOT yahoo DOT com> <20081202231141 DOT GA5449 AT ednor DOT casa DOT cgf DOT cx> <451120 DOT 45664 DOT qm AT web34703 DOT mail DOT mud DOT yahoo DOT com> <4935DD4B DOT 7050907 AT cygwin DOT com>
Date: Tue, 2 Dec 2008 23:29:57 -0800 (PST)
From: TheO <idgajelas AT yahoo DOT com>
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?
To: cygwin AT cygwin DOT com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <690548.2534.qm@web34702.mail.mud.yahoo.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Hi again,

I am afraid I have to ask for clarification again :(, I hope this is the last 
time before I am on my own with this:



> 
> No, you cannot hide it.  It is created by Cygwin itself as a convenience
> to access the virtual 'cygdrive' directory.  This is one of a number of
> virtual directories ('/proc' and '/dev' come to mind) that Cygwin supports.
> See the description of "Special filenames" in the User's Guide for more
> details.
> 

I understand why all these virtual directories are necessary at the absolute
'/' root level. But here I refer to /cygdrive which is created inside the jail
directory, which means in absolute path, /jail/cygdrive (/jail being the root 
of my jail). Inside the jail, only /cygdrive is created, no other virtual 
directories (/proc or /dev/xxx) or files are created.



> 
> In 1.7, there is a
> new authentication module that will solve these and other pubkey
> authentication problems.  But 1.7 is not currently released and it's
> release date is not decided.
> 

Thanks for this input. I suppose that to be on safe side, I must restrict 
it to password based authentication only if I use the current Cygwin.



And finally one more question. I am only aware of two subsystems supported
by sshd more or less implicitely; sftp and shell (interactive logon). Is there
any other subsystems which are handled by sshd implicitely (without me having
to add anything to /etc/sshd_config)?

Thanks again.



      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/