Hello everyone, In response to emails such as the one below I have started a sourceforge site for this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either. Please check out http://chrootssh.sourceforge.net I have some very basic documentation online, but it should give a general idea of how to use it. I'd love suggestions or anything else you feel the site lacks. Seeing as the patches are quite easy to make my main goal for the site is to provide enough documentation that I can continue to update the patches and users and can download them and follow the documentation to set it up (and because classes will be taking up time I'd otherwise use to answer questions). Please try not to overwhelm me. :) -James PS. I'm expecting to be overwhelmed with this as I usally am, with replies so please try to make your questions "good questions" and try my documentation first. :) On Tue, 28 May 2002 13:31:23 -0500 hutch at brandonhutchinson.com wrote:> Hello James! > > I noticed a post of yours for an OpenSSH chroot patch, but I do not seem > to be able to find your updated patch in the message you sent. > > Here is the referenced post: > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102199576913629&w=2 > > Would it be possible to post the patch to the newsgroup or send it to me > as an attachment? I would greatly appreciate it, as I'm trying to get > chrooted SFTP going in my environment. > > Thanks! > > Brandon > > >
Any tips on that? SFTP is the last thing to work. sftp-server is in the crhooted libexec. TIA. -- Austin Gonyou Systems Architect, CCNA Coremetrics, Inc. Phone: 512-698-7250 email: austin at coremetrics.com "One ought never to turn one's back on a threatened danger and try to run away from it. If you do that, you will double the danger. But if you meet it promptly and without flinching, you will reduce the danger by half." Sir Winston Churchill -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: This is a digitally signed message part Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020528/8d291c75/attachment.bin
Le Mardi 28 Mai 2002 20:57, James Dennis a ?crit :> Hello everyone, > In response to emails such as the one below I have started a sourceforge > site for this patch. If your chuckling to yourself at the thought of a > sourceforge site over a patch, well, I did too when I first thought of it. > I don't have the bandwidth requirements at home to host it and Harvard Law > School doesn't want to host the patch for me either. Please check out > http://chrootssh.sourceforge.net > I have some very basic documentation online, but it should give a general > idea of how to use it. I'd love suggestions or anything else you feel the > site lacks. Seeing as the patches are quite easy to make my main goal for > the site is to provide enough documentation that I can continue to update > the patches and users and can download them and follow the documentation to > set it up (and because classes will be taking up time I'd otherwise use to > answer questions). Please try not to overwhelm me. :) > -James > PS. I'm expecting to be overwhelmed with this as I usally am, with replies > so please try to make your questions "good questions" and try my > documentation first. :)Hi James, I can hardly read the html pages because of their colours. Apart from that, I would love to apply the patch to existing OpenSSH rpms for Mandrake and RedHat. OpenSSH needs a chroot patch. Cheers, Jean-Michel POURE
On Wed, May 29, 2002 at 06:43:51PM +0200, Jean-Michel POURE wrote:> OpenSSH needs a chroot patch.but not a /./ hack.
Le Jeudi 30 Mai 2002 00:48, Markus Friedl a ?crit :> but not a /./ hack.Hi Markus, Could you please describe the pros and cons of such a patch? I need to chroot users in their home directory (one jail per user). If not using the patch, are there alternatives (if yes, please point me to some doc please)? Cheers, Jean-Michel POURE
Markus Friedl writes:> On Wed, May 29, 2002 at 06:43:51PM +0200, Jean-Michel POURE wrote: >> OpenSSH needs a chroot patch. > > but not a /./ hack.well, this is the only alternative readily available, and works well. why not, and if not, what other alternatives should we use ?