Re: chroot and OpenSSH
> I don't have much experience with chroot, but I want to set up an SSH
> access for a user and restrict them to their home directory.
>
> I've done a little research and found out that the commercial SSH2
> provides "ChRootUsers" and "ChRootGroups" configuration directives.
> While I suppose that I could install SSH2 because their licensing allows
> for free use with the Linux OS, I would rather stick with OpenSSH, which
> is what I'm using now.
>
> According to the O'Reilly SSH book SSH2 is the only implementation of
> SSH with those directives built in. I decided to poke around on the
> OpenSSH mailing lists to see if there was any discussion of adding a
> similar feature to OpenSSH and it looks like there is/was an unofficial
> patch in the CVS but it was never incorporated into the official OpenSSH
> distro and subsequently not in the Linux port of OpenSSH. And I
> certainly don't know enough to try to port the patch myself.
>
> Then I tried the following which probably indicates my ignorance of the
> Linux/SSH/login process, I tried changing the user's shell: "/bin/bash"
> to a shell script with: usermod -s /bin/usr_login.sh which contained one line:
>
> chroot /path/to/userhomedir /bin/bash
>
> This fails, and I'm pretty sure that I know why, but I wanted to seek
> advice and guidance from those of you who might have experience with
> this before proceeding.
Did you add '/bin/usr_login.sh' to /etc/shells?
> Thanks in advance,
>
> eirik
--
Aaron Ghent.
You're not going crazy!
You're going sane...
In a crazy world!
-- The Tick
Reply to: