Since Solaris doesn't like static binaries much it is a little
more difficult, but doable.
The easiest and quickest way is to setup the commercial version of
ssh and do the following.
1) Setup the user as a chroot user or chroot group via the
sshd2_config file.
2) Following the Solaris instructions for in.ftpd on setting
up the devices and needed libaries
for anonymous users. ( This is the quickest way, you can
trim this down if you need to though).
3) Add any libraries you might need for ssh into the users
lib directory.
4) Change there shell to /usr/lib/rsh (
Restricted Shell for further control )
5) Create there .profile and lock it down as root owned and
then setup any binaries they need in there home directory.
That should be it.
-Todd Wilkinson
[EMAIL PROTECTED]
At 02:21 PM 9/9/01 +0200, Jörgen Tapani wrote:
>Is there any way to 'chroot' the client login.
>like in ftpd, from the users home directory string in /etc/passwd.
>
>Since the system login is made by sshd before any subsystems starts, like
>a shell or sftp-server, there should be a lethal way to root trap clients
>in sshd.
>
>Are there?
>
>No i'm new in this group so dont jump me yet!
>
>
>best....
>[EMAIL PROTECTED]
