Re: Alternates to have the look of a CHROOT jail without it actually being a CHROOT
Brought to you by:
xystrus
From: Julien D. <ju...@jd...> - 2006-09-24 22:58:02
|
Hi, I have written a patch for OpenSSH 4.3p2 that can restrict a user in a directory tree (without chrooting). An argument to sftp-server is used to determine the path of the directory. I also wrote a patch for rssh 2.3.2 that makes it possible to assign a different directory to each user. You will find the files attached to this message. The tiny documentation might not be very accurate, don't hesitate to contact me if there is a problem. Note that OpenSSH 4.4p1, which will soon be released, will probably allow the patched sftp-server to work on a per-user basis without using rssh. Best regards, Julien Demoor > Dan wrote: > >> Hey, >> >> Do you know of a patch or something that can be applied to OpenSSH that >> can do the same thing? I'm running OpenSSH 4.3p2 and haven't found a >> patch to do this yet. All the patches I've found out there are about >> creating the full chroot jail which I don't want to do. >> >> Thanks, >> Dan > Mailing list subscriptions wrote: > >> El 23/09/2006, a las 21:22, Dan escribió: >> >> >>> Looking through multiple sites and looking at all of the different >>> strategies on locking a user into a particular set of directories. It >>> would seem that using chroot is the only way to accomplish this. I'm >>> trying to migrate from my old FTP server ProFTPd to using SFTP on >>> OpenSSH. >>> >> The commercial product available from ssh.com (not OpenSSH) has the >> option of limiting SFTP users to their homedirs; ie. it does the >> chrooting internally rather than relying on an externally process to >> do it. |