Re: ssh chrooted enviroment WITHOUT /bin /etc /lib - etc etc in the users dir ?

From: teddy (mouschi@cheese-head-state.rr.com)
Date: 01/24/03


From: "teddy" <mouschi@cheese-head-state.rr.com>
Date: Fri, 24 Jan 2003 17:34:31 GMT


"Neil" <neil.mooney@cern.ch> wrote :
> Hi All

Hello

> I have been looking for a chroot patch to ssh for a while.
> I have seen and tried most of them , but they all seem to require that
> the user has a chroot enviroment in the home dir,
[snip the rest]

If you don't care that they can see each other's home directories, then you
can create a single chroot for them all with their actual homedirs within
it.

Chroot is /usr/chroot/
User's _Actual_ homedir would be /usr/chroot/home/teddy
When a user ftp://teddy@asdf/ they're put in /usr/chroot/home/teddy - no bin
dirs visible unless they 'cd ..'
When a user ssh teddy@asdf they're put in /usr/chroot/home/teddy - and can
use /usr/chroot/bin/bash

I don't know what you mean by bin/lib dirs confusing a user. If they're
gonna be ssh'ing in they know what it is.

-teddy



Relevant Pages

  • Re: FTPS Server?
    ... port numbers by deep packet inspection. ... client, but the underlying SSH protocol over the network is way, way ... See the chroot configuration in the man-page for sshd_config ... recommend running a separate instance on a separate port (if firewalls ...
    (freebsd-stable)
  • Re: FTP Access
    ... only allow SSH / SFTP. ... going outside their home directories. ... The SSH server supports an internal chroot option; ... only changes the "root directory", it does not relieve you of the ...
    (comp.os.linux.setup)
  • Re: chroot SSH users.
    ... Subsystem sftp internal-sftp ... SSH in the system. ... "Make sure chroot support was compiled in" ...
    (freebsd-questions)
  • Re: Need advice on setting of an SSH server for untrusted users
    ... > I've just set up an ssh server so that my customers can download code ... I've set up ssh so that it requires rsa authentication. ... There is a patch for openssh that will cause it to do a chroot like ... The issue with a chroot jail for ssh is that you have to hand-roll the ...
    (comp.os.linux.security)
  • Re: Problems with Sudo
    ... you can't sudo to root. ... SSH is generally allowed, all limitations should still apply including ... secure, the internet is a very dangerous place. ... allowing someone to break out of a chroot jail by simply logging back ...
    (Ubuntu)