[CentOS] Chroot'ed SSH
alain.terriault at mcgill.ca
Mon Jun 9 13:00:49 UTC 2008
easy way to get sshd ver.5 installed on centos5
rpmbuild --rebuild openssh-5.0p1-1.el5.hrb.src.rpm
worked for me .. but honestly, has excited has I was, I do not find
chroot to be that useful .. if I remember correctly, the chroot
directory has to be owned by root and was not possible with my setup.
"scponly" from from the EPEL Repositories
will give your users secure file transfers access without a terminal
"rssh" rssh is a restricted shell for use with OpenSSH, allowing only
scp and/or sftp. For example, if you have a server which you only want
to allow users to copy files off of via scp, without providing shell
access, you can use rssh to do that.
hope this help
Filipe Brandenburger wrote:
> Is anyone chrooting users that connect through SSH?
> I looked for it on Google and I basically saw several methods:
> - OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that
> probably could be rebuilt under CentOS 5)
> - There seem to be several patches for OpenSSH 4.x to do the chroot,
> the most popular seems to be http://chrootssh.sf.net/
> - There appears to be a pam_chroot
> - There are solutions based on setting the user's shell to a
> script/binary that does the chroot
> By quickly looking at yum list, it doesn't seem like neither RHEL nor
> CentOS directly support any of those, at least I didn't find any RPMs
> for any of those.
> If anyone is doing it, I would like to know what were your experiences
> and if you would recommend doing it or not.
> I'm specially interested in anything that doesn't involve replacing
> the OpenSSH that comes with CentOS, after all, that's what CentOS is
> all about, if you start replacing the pieces, what's the point...
> Thanks a lot!
> CentOS mailing list
> CentOS at centos.org
More information about the CentOS