To: Peter Jeremy <PeterJeremy@optushome.com.au>
Date: Sun, 26 Sep 2004 00:20:05 +0200
Peter Jeremy <PeterJeremy@optushome.com.au> writes:
> Depending on how TCP wrappers are integrated into SSH, one possibility
> is that you need /var/empty/etc/hosts.{allow,deny}
no, hosts_access() is called before chroot().
DES
--
Dag-Erling Smørgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Re: Need advice on setting of an SSH server for untrusted users ... > I've just set up an ssh server so that my customers can download code ... I've set up ssh so that it requires rsa authentication. ... There is a patch for openssh that will cause it to do a chroot like ... The issue with a chroot jail for ssh is that you have to hand-roll the ... (comp.os.linux.security)
Re: Problems with Sudo ... you can't sudo to root. ...SSH is generally allowed, all limitations should still apply including ...secure, the internet is a very dangerous place. ... allowing someone to break out of a chroot jail by simply logging back ... (Ubuntu)
Re: sftponly ... provided the server is secure or what other services/interfaces you ... > I agree - chrooting is a good practice, and I wouldn't set SSH up without ... > you pair them with a chroot jail.... Of course they can do more with SSH access,... (SSH)
Re: Chroot environment for ssh ... > would like to use SSH for the connections, as opposed to FTP, but I ... > users to be able to log into an interactive shell and I ... > want them to 'escape' out of their home directories.... directives to chroot the groupand/or userthat are to have ... (FreeBSD-Security)
OpenSSH Chroot on AIX 5.2 ... I have built an environment I can chroot into with no problem. ... The problem is when I attempt to use ssh or sftp to login as the ...Connection to mftgw001 closed by remote host. ... (comp.security.ssh)
