From ArchWiki
Revision as of 21:05, 7 September 2011 by Bluewanders (talk | contribs) (Setup)
Jump to: navigation, search


Scponly is a limited shell for allowing users scp/sftp access and only scp/sftp access to your box. Additionally, you can setup scponly to chroot the user into a particular directory increasing the level of security.



This guide assumes that you have the Template:Codeline daemon installed, configured, and running.


Scponly resides in [community] and can be installed like any other package:


If you have a user already created, simply set the user's shell to scponly


That's it. Go ahead and test it using your favorite sftp client.

Adding a chroot jail

  • Create chroot
# cd /usr/share/doc/scponly/
# ./ 
  • Provide answers
  • Check that /path/to/chroot has root:root owner and r-x for others
  • Change shell for selected user to /usr/sbin/scponlyc
  • sftp-server may require some libnss modules such as libnss_files. Copy them to chroot's /lib