How do I lock down sftp users in Cygwin so that they can't read from random directories such as /etc. i set up local windows accounts for each sftp user on the machine. I've used /etc/fstab file to move each user's home directory to c:/FTP. I've locked those down so the users can only access their own folder. I denied "list folder contents" on the Cygwin directories. The users can not see the directory structure when they sftp into the server. But the users can still download a file from the cygwin directories if they know the path.
Asked
Active
Viewed 508 times
0
-
Can you show the permissions on the Cygwin directories on your server? It sounds like the users you've created are not completely locked down. – Craig Nov 25 '14 at 15:10
-
The cygwin directories has everyone with read access. The problem is that those directories and sub directories and files are not setup to inherit permissions from parent directory. I think I would have to remove the access to "everyone" to every single file and folder maybe? – ajh4 Nov 25 '14 at 18:22
-
You could turn off bypass traverse checking. If it's not needed on that server. – Craig Nov 25 '14 at 18:24