[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

chroot and OpenSSH

I don't have much experience with chroot, but I want to set up an SSH
access for a user and restrict them to their home directory.

I've done a little research and found out that the commercial SSH2
provides "ChRootUsers" and "ChRootGroups" configuration directives.
While I suppose that I could install SSH2 because their licensing allows
for free use with the Linux OS, I would rather stick with OpenSSH, which
is what I'm using now.

According to the O'Reilly SSH book SSH2 is the only implementation of
SSH with those directives built in.  I decided to poke around on the
OpenSSH mailing lists to see if there was any discussion of adding a
similar feature to OpenSSH and it looks like there is/was an unofficial
patch in the CVS but it was never incorporated into the official OpenSSH
distro and subsequently not in the Linux port of OpenSSH.  And I
certainly don't know enough to try to port the patch myself.

Then I tried the following which probably indicates my ignorance of the
Linux/SSH/login process, I tried changing  the user's shell: "/bin/bash"
to a shell script with: usermod -s /bin/usr_login.sh which contained one line:

chroot /path/to/userhomedir /bin/bash

This fails, and I'm pretty sure that I know why, but I wanted to seek
advice and guidance from those of you who might have experience with
this before proceeding.

Thanks in advance,

fn:Eirik Dentz

Reply to: