----Original Message----
From: Seth Arnold [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 5 March 2003 9:04 AM
To: [EMAIL PROTECTED]
Subject: Re: chroot, scp and security on RedHat 8.0
> I strongly recommend the patch approach. The patch is small, clean,
> easy to read, and should integrate painlessly into whatever package of
> OpenSSH you're running on your system.
>
> chroot environments are difficult to get right. Doing it in a shell
> script is asking for trouble. Someone else has already went to the
> trouble of patching OpenSSH to do it properly, and the chrootssh patch
> has had some review of the final product by interested people.
Another option I would suggest looking at is the scponly shell:
http://www.sublimation.org/scponly/
I have used chroot patched OpenSSH in the past but believe this to be a
cleaner and more manageable solution.
--
Andrew
This email with any attachments is confidential and may be subject to legal
privilege. If it is not intended for you please reply immediately, destroy
it and do not copy, disclose or use it in any way.
