On Sat, Jun 7, 2008 at 12:18 AM, Eric Wood eric@interplas.com wrote:
Just the other week sshd 4.9 enabled chroot for the first time I think. Fairly new stuff. You'll have to roll your own rpm for CentOS as it will be unlikely that they roll it - probably not even for 5.2 either.
Yeah, I was considering rebuilding the FC9 RPM of OpenSSH 5.0, which would include the feature. However, I would rather avoid using an SSH server other than the one provided by CentOS, since the whole point of RHEL/CentOS is to have a certified platform; if you start replacing packages, you might break that.
pam_chroot might get deprecated.
I was digging into the issue and I realised pam_chroot is actually installed in CentOS 5 by default:
$ rpm -ql pam.x86_64 | grep chroot
/etc/security/chroot.conf
/lib64/security/pam_chroot.so
/usr/share/doc/pam-0.99.6.2/txts/README.pam_chroot
I googled around but I didn't find any howtos on how to enable it and set it up. Is anyone using it successfully? Does it integrate seamlessly with OpenSSH? How should I set it up?
Thanks!
Filipe