Re: [off-topic?] Chrooting ssh/telnet users?

To: debian-security@lists.debian.org
Subject: Re: [off-topic?] Chrooting ssh/telnet users?
From: Christian Kurz <shorty@debian.org>
Date: Fri, 26 Oct 2001 17:25:28 +0200
Message-id: <20011026172528.G4427@salem.getuid.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20011026151454.A10907@dat.etsit.upm.es>
References: <20011026151454.A10907@dat.etsit.upm.es>

On 26/10/01, Javier Fernández-Sanguino Peña wrote:
> The problem is, how can an admin restrict remote access from a given user
> (through telnet and/or sshd) in order to limit his "moves" inside the
> operating system.
[...]
> AFAIK, pam only allows to limit some user accesses (cores, memory
> limits..) not users "movement" in the OS

That's a wrong assumption. At least RedHat contains a pam_chroot.so
module which can be used in connection with the latest ssh to limit a
user into a chroot. I'm just wondering if that module is packaged
already for debian or not.

Christian
-- 
           Debian Developer (http://www.debian.org)
1024/26CC7853 31E6 A8CA 68FC 284F 7D16  63EC A9E6 67FF 26CC 7853

Attachment: pgpnqpw0eURXK.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: [off-topic?] Chrooting ssh/telnet users?
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: [off-topic?] Chrooting ssh/telnet users?
  - From: Andres Salomon <dilinger@mp3revolution.net>

References:
- [off-topic?] Chrooting ssh/telnet users?
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: Re: [off-topic?] Chrooting ssh/telnet users?
Next by Date: Re: [off-topic?] Chrooting ssh/telnet users?
Previous by thread: Re: [off-topic?] Chrooting ssh/telnet users?
Next by thread: Re: [off-topic?] Chrooting ssh/telnet users?
Index(es):
- Date
- Thread