Re: OpenSSH chroot.diff

From: Michael Robokoff (mrobo@ahpcrc.org)
Date: 02/06/03

  • Next message: James Dennis: "Re: OpenSSH chroot.diff"
    Date: Thu, 06 Feb 2003 08:08:39 -0600
    From: Michael Robokoff <mrobo@ahpcrc.org>
    To: secureshell@securityfocus.com
    
    

    I am building a RedHat 8 machine to replace my RedHat 7.2
    machine. On my RedHat 7.2 machine I have ftp setup with chroot
    for all users. I want to do the same with sftp and leave regular
    ftp off the system. Where can I get the info on how to do this
    and is there a plan to incorporate this feature into sftp eventually?

    Thanks for any info (url's, howto's, personal experience, whatever)

    --Mike

    SBONNET@mediametrie.fr wrote:
    > Hi there,
    >
    > I have one question about openssh developpement. There is perhaps one year,
    > i heard about a patch chroot.diff.
    > This patch apply on openssh source code allowed to chroot automatically
    > users want to connect to the server, with a special syntax in /etc/passwd.
    > I don't reach to use this patch in freebsd but many guys reached to do that
    > with openbsd.
    >
    > Anyone can said to me if this patch is available on freebsd 4.5 ? I don't
    > find the patch in the source code of openssh 3.5 ...
    >
    > Thx for all your reply,
    >
    > Stephen



    Relevant Pages

    • Re: chroot, scp and security on RedHat 8.0
      ... > chroot jail if a key file exists in the home directory of the login ... instead of the chroot openssh patch to several people, ...
      (Focus-Linux)
    • Re: TCP sequence predictability - RH7.0
      ... >> For HP-UX I have been able to find patches. ... >> there any official RedHat notice about RFC 1948 support. ... >> evidence as to why there is no patch if i cannot find the patch. ... > have to patch the generic kernel sources, not a customized source like the ...
      (comp.os.linux.security)
    • Sun equivalent of Redhat Satellite (for centralized patch management)
      ... Sun has had a solution available for some time that can patch Solaris, ... c)suppose I have multiple versions of Solaris and several versions of Redhat ... this Sun product needs subscription to Redhat as well? ...
      (SunManagers)
    • Re: CHROOT patch openssh3.4p1
      ... There's a 3.1p1 compatible patch, ... >> to the configure.ac script and has a widget for building new chroot ... target directories, it's entirely incompatible in its current release with a ... adding another new user (for the sshd root cage) requires co-evolution ...
      (comp.security.ssh)
    • Re: Init.c, making it chroot
      ... Since FreeBSD has kenv, the patch is ... There's code in init to mount devfs, ... Once we chroot, we need to have a sane environment inside the chroot. ...
      (freebsd-hackers)