The following message is a courtesy copy of an article that has been posted to comp.security.unix,comp.os.linux.security as well. On our servers there exist serveral chroot accounts where users can log in and find themselves caged in their home directory. This works for telnet, ftp and ssh (OpenSSH 2.5.1). However, scp and sftp can't be used with these accounts, they simply hang after authentication. Searching the net I found that that's a known problem and that it could be solved using ssh3 (which is not an option for me) or a chroot-patch for OpenSSH together with statically compiled ssh binaries. The latter one didn't work for me and I'm wondering if anybody has another solution for the problem that a) works with OpenSSH and b) does not require to change /etc/passwd. Ulf -- not a real signature