Re: Chroot Jail for SSH
From: Nico Kadel-Garcia (nkadel@bellatlantic.net)Date: 01/11/02
- Next message: Richard E. Silverman: "Re: ssh port forwarding problem"
- Previous message: dps1: "Re: ssh login script"
- In reply to: Tomas Byrnes: "Chroot Jail for SSH"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Nico Kadel-Garcia" <nkadel@bellatlantic.net> Date: Fri, 11 Jan 2002 02:28:57 GMT
"Tomas Byrnes" <tomb@NOSPAMbyrneit.net> wrote in message
news:Xns91926680EB16Dtombbyrneitnet@24.0.3.73...
> Does anyone know how to JAIL an SSH and SFTP session to their home
> directory? (Linux 7.2, Openssh)
>
> Adding /./. at the end of the home directory in etc/passwd has them come
in
> with their home chrooted, but a simple cd .. (or cd /etc, which I'm more
> worried about) gets them out of it. Ditto for sftp sessions (absolute path
> in windows works to change to any directory).
If "cd .." gets them out of the jail, then they are not chrooted. I recently
published an updated patch for OpenSSH 3.0.2p1 (based on someone else's
original patch) to do the chroot from sshd, but you also need the local
environment created correctly for the user with the key binaries and a
usable shell with any required libraries.
Which OpenSSH version are you using, and did you apply the patch?
- Next message: Richard E. Silverman: "Re: ssh port forwarding problem"
- Previous message: dps1: "Re: ssh login script"
- In reply to: Tomas Byrnes: "Chroot Jail for SSH"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
