[CentOS] rssh / scponly

Sun Mar 27 23:12:20 UTC 2011
Eero Volotinen <eero.volotinen at iki.fi>

2011/3/28 Rainer Duffner <rainer at ultra-secure.de>:
>
> Am 27.03.2011 um 22:57 schrieb John R Pierce:
>
>> On 03/27/11 1:03 PM, Rainer Duffner wrote:
>>> If you use sftp, it can be chroot'ed by default (see man-page).
>>> (In reasonably recent version of sshd)
>>
>> I gather thats a sshd somewhat newer than the one included in CentOS 5
>> ?
>
>
> I don't know.
> ;-)
> I only used it in FreeBSD - but it's included there since at least 7.2.
> That was released in May 2009.
> OpenSSH 5.1p1
>
> Looking, sshd in my latest CentOS shows v 4.6p2

rhel / centos contains openssh with backported chroot:

rpm -q --changelog openssh-server | grep chroot
- minimize chroot patch to be compatible with upstream (#522141)
- tiny change in chroot sftp capability into openssh-server solve ls
speed problem (#440240)
- add chroot sftp capability into openssh-server (#440240)
- enable the subprocess in chroot to send messages to system log

--
Eero


--
Eero