On 9/18/06, Simon Slaytor <[EMAIL PROTECTED]> wrote:
I'm sure the people behind
http://chrootssh.sourceforge.net/index.php
would argue about it being impossible.
Before I saw the light and went OpenBSD I used these patches on an FC1
box and it worked like a charm, doing exactly what your after.
I've not tried to replace the OpenSSH install on OpenBSD with a patched
version always assuming it would break horribly.
Ofcourse patching is not right solution.
If you get it working let me know as I'd love to be able to chroot
SSH/SFTP again.
In my opinion the best and the most secure way is setup rssh. But
there are two problems. BSD systems are not supported and program wont
compile becouse of missing wordexp() function. Secondly sftp-server
requires /dev/null device in chrooted environment so you cannot mount
/home partition as nodev.
Bambero wrote:
>> You can create a systrace policy for a sshd instance dedicated to sftp
>> service
>>
> This sems to be better way.
> Whatever, it will be nice to have builtin chroot in sftp-sever. Such
> in ftpd. But I suppose it's technicaly impossible.
>
> Thanks for help
> Bambero
