From a87f5083e8a39838c4da2dd232b91c63cc7d5f16 Mon Sep 17 00:00:00 2001 From: Malte Date: Sun, 10 Nov 2024 19:09:03 +0100 Subject: [PATCH] use internal sftp-server internal sftp-server is needed according to https://serverfault.com/questions/354615/allow-sftp-but-disallow-ssh as we want add a user who is only able to upload files in a chroot environment --- basics/ssh/sshd_config.jinja | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/basics/ssh/sshd_config.jinja b/basics/ssh/sshd_config.jinja index f1248ac..2352067 100644 --- a/basics/ssh/sshd_config.jinja +++ b/basics/ssh/sshd_config.jinja @@ -12,8 +12,4 @@ X11Forwarding {{ salt['pillar.get']('basics:ssh:x11_forwarding', 'no') }} PrintMotd no MaxStartups 5:50:30 AcceptEnv LANG LC_* -{% if grains.os_family == "Suse" %} -Subsystem sftp /usr/libexec/ssh/sftp-server -{% else %} -Subsystem sftp /usr/lib/openssh/sftp-server -{% endif %} +Subsystem sftp internal-sftp