[CentOS] OpenSSH-5.3p1 selinux problem on CentOS-5.4.

James B. Byrne byrnejb at harte-lyne.ca
Thu Feb 4 15:18:14 UTC 2010


On Thu, February 4, 2010 10:08, Marc Wiatrowski wrote:
>
>>
>>
> Have you looked at using rssh as the users shell?  You can limit the
> user to a chroot sftp only. Its not stock, but ssh can then be.
>
> http://dag.wieers.com/rpm/packages/rssh/
>

I looked at rssh briefly yesterday when someone suggested it.  Had I
known of it before we started down this road then we might have used
it instead.  However, at the moment we seem to have a working
solution and so we will stick with that for now.

I am not sure what effect disabling SELinux support in SSH actually
has from a security standpoint.  So, if anyone cares to enlighten me
on the the consequences I would like to know.

Regards,


-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3




More information about the CentOS mailing list