Re: OpenSSH chroot.diff

From: Michael Robokoff (
Date: 02/06/03

  • Next message: James Dennis: "Re: OpenSSH chroot.diff"
    Date: Thu, 06 Feb 2003 08:08:39 -0600
    From: Michael Robokoff <>

    I am building a RedHat 8 machine to replace my RedHat 7.2
    machine. On my RedHat 7.2 machine I have ftp setup with chroot
    for all users. I want to do the same with sftp and leave regular
    ftp off the system. Where can I get the info on how to do this
    and is there a plan to incorporate this feature into sftp eventually?

    Thanks for any info (url's, howto's, personal experience, whatever)

    --Mike wrote:
    > Hi there,
    > I have one question about openssh developpement. There is perhaps one year,
    > i heard about a patch chroot.diff.
    > This patch apply on openssh source code allowed to chroot automatically
    > users want to connect to the server, with a special syntax in /etc/passwd.
    > I don't reach to use this patch in freebsd but many guys reached to do that
    > with openbsd.
    > Anyone can said to me if this patch is available on freebsd 4.5 ? I don't
    > find the patch in the source code of openssh 3.5 ...
    > Thx for all your reply,
    > Stephen

    Relevant Pages

    • Re: chroot, scp and security on RedHat 8.0
      ... > chroot jail if a key file exists in the home directory of the login ... instead of the chroot openssh patch to several people, ...
    • Re: CHROOT patch openssh3.4p1
      ... There's a 3.1p1 compatible patch, ... >> to the script and has a widget for building new chroot ... target directories, it's entirely incompatible in its current release with a ... adding another new user (for the sshd root cage) requires co-evolution ...
    • Re: Init.c, making it chroot
      ... Since FreeBSD has kenv, the patch is ... There's code in init to mount devfs, ... Once we chroot, we need to have a sane environment inside the chroot. ...
    • Re: svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelne
      ... Why doing a patch if you apparently don't care? ... These "safe" locations are never ... the chroot issue is not about ... Comment: Using GnuPG with Mozilla - ...
    • Re: TCP sequence predictability - RH7.0
      ... >> For HP-UX I have been able to find patches. ... >> there any official RedHat notice about RFC 1948 support. ... >> evidence as to why there is no patch if i cannot find the patch. ... > have to patch the generic kernel sources, not a customized source like the ...