On Sun, Mar 27, 2011 at 4:57 PM, John R Pierce <pierce@xxxxxxxxxxxx> wrote:
> On 03/27/11 1:03 PM, Rainer Duffner wrote:
>> If you use sftp, it can be chroot'ed by default (see man-page).
>> (In reasonably recent version of sshd)
>
> I gather thats a sshd somewhat newer than the one included in CentOS 5
> ? the only mention of chroot in man sshd is the /var/empty/sshd dir
> used during preauthorization.
Yeah, it's not supported until OpenSSH version 5.x. That upgrade will
cause other surprises. Some colleagues ran headlong into it no longer
reading ".bashrc" unless it's an actual login sessin, and became quite
concerned when their local host-specific aliases were no longer
available to their remote "ssh" commands.
> I'd be very cautious on setting this up, or you could easily lose access
> to ssh shell sessions since ssh/scp/sftp are all so tightly coupled.
Yeah, I used to publish chroot cage tools for ssh-1, ssh-2, and
OpenSSH years ago.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
