[CentOS] RE: chroot over ssh
Kevan Benson
kbenson at a-1networks.com
Thu Nov 16 23:18:08 UTC 2006
On Wednesday 15 November 2006 19:14, Maciej Zenczykowski wrote:
> I have a yum repository at http://tcs.uj.edu.pl/~buildcentos/ which
> includes the centos ssh rebuilt with a tiny patch which makes sshd chroot
> on login if it sees a /./ in the users home directory.
This is especially nice as a solution for securing ftp/sftp access because you
can allow ftp chroots the using the same /./ in the passwd file through
vsftpd (although vsftpd doesn't require libs in the chroot, so it's not a
"true" chroot).
I assume you are using the chrootssh (http://chrootssh.sourceforge.net)
project's patch (as that's the name of the directory the rpms are in), which
is worth mentioning for the security conscious people out there who might
want to know how this was implemented.
--
- Kevan Benson
- A-1 Networks
More information about the CentOS
mailing list