Displaying 9 results from an estimated 9 matches for "chrootdir".
Did you mean:
chroot_dir
2008 Oct 23
6
ChrootDirectory on a per key basis
...tion, in practice a single directory. The idea would be to allow
file access to this directory with a passwordless public key, but keep
rest of the users file accessible only with another, supposedly more
secure key.
I found a way to do this by running a separate sshd on a different
port with 'ChrootDirectory /some-dir' and 'ForceCommand internal-sftp'
configuration variables, but running two sshds is rather inelegent. Is
there a way to force this kind of configuration to only some keys? If
not, could the Match keyword be extended to match only certain keys,
or even better, could a ...
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser"
option in the sshd_config file.
I was looking for a way to offer sftp access and at the same time restict
interactive shell access. This patch is a necessary first step (IMO).
It applies clean with 'patch -l'.
Also attached is a shell script that helps to build a chrooted home dir on
a RedHat 7.2
2006 Mar 24
2
New sysinstall in 6.1-PRE. make own release
...r.conf for pxeboot.
Default not work -- machine panic with "no init" diagnose. Reason --
need string in loader.conf:
vfs.root.mountfrom="ufs:/dev/md0c"
(I need some another strings for my own loader.conf)
For creating release I use command:
make release BUILDNAME=6.1-PRERELEASE CHROOTDIR=/usr/release \
CVSROOT=/home/ncvs EXTSRCDIR=/usr/src KERNELS=OILSPACE1 \
LOCAL_PATCHES=/usr/src_local_patches NO_FLOPPIES=yes NO_ISOS=yes \
NODOC=yes NOPORTS=yes RELEASETAG=RELENG_6 KERNELS_BASE="OILSPACE1 \
GENERIC"
My local patches -- only new unionfs currently.
install.cfg I put in /u...
2003 Aug 14
1
RELENG_4_8 isos?
...nst' disk - that is, with
the release, docs, and a port tree, but no ports. This is so I can do
a fresh install without having to update the world... I am using a
script that looks like this...
#!/bin/sh
rm -rf /usr/obj
cd /usr/src
make -DNOCLEAN world kernel
cd /usr/src/release
make release CHROOTDIR=/usr/release \
CVSROOT=/usr/mirror/ncvs \
RELEASETAG=RELENG_4_8 -DMAKE_ISOS DOC_LANG=en_US.ISO8859-1
...this works fine for RELENG_4 but I haven't gotten it to work yet
for RELENG_4_8...
Thanks,
Mike H.
2003 May 11
1
make release headaches
...t cd to /usr/release/usr/src/sys/conf..
and it stops here for me ;) .. going further will feel like remaking
frankenstein.
Can somebody explain to me why the above is going so terribly wrong ?.
I tried man release ans the FreeBSD handbook without luck.
# define needed variables for make release
CHROOTDIR=/usr/release
BUILDNAME=4.8-RELENG
CVSROOT=/usr
RELEASETAG=RELENG_4_8
NOPORTS=YES
MAKE_ISOS=YES
export CHROOTDIR BUILDNAME CVSROOT RELEASETAG NOPORTS MAKE_ISOS
# make a ftp install dir and ISO's
cd /usr/src/release
make release
--
The whole problem with the world is that fools and fa...
2004 Sep 14
0
Tip: using icecast in chroot mode may break timestamp in access.log
Hi all,
Just thought I'd share this little bit of information.
If you're running Icecast in a chroot jail the timestamps in the access.log file will almost certainly be in UTC times. If you want local timezone timestamps you need to make sure the file /etc/localtime is in <chrootdir>/etc/localtime.
If you use a different timezone settings (generated using tzselect for example). You may need to copy the appropriate files from /usr/share/zoneinfo to your chroot basedir.
Just thought I'd share this with you folk, since it took me about an hour to figure it out.
Cheers,...
2003 Nov 18
0
question on chroot patches
...mmuniGate(tm) Pro*
When we last deployed OpenSSH (v. 3.4p1), we used a chroot patch
supplied by John Furman. Does anyone know if that is still being
maintained, and if so, where one may get it? If not, do any of the
other chroot patches use the same configuration syntax?
Specifically, it adds ChrootDir and ChrootUser to sshd_config.
Thanks,
--Jason
2003 Apr 13
2
chroot() as non-root user?
I suspect this has been asked before but I'll ask anyway.
Q1: Is it possible for a non-root process to perform a chroot?
My interest is this: I have a typical ISP hosting account (verio; on a
FreeBSD 4.4 server.) I'd like to install and run various CGI packages, yet
protect myself (and my email, and my .ssh keys) from bugs being exploited
in those CGI packages. Chroot at the start
2009 Jun 11
6
[Bug 1606] New: internal-sftp does not drop conections properly, it will hang
...mindrot.org/attachment.cgi?id=1648)
Temporarily fix (changed code in session.c) for this issue
Hello:
I have configured sshd_config as the following:
=================================================
Subsystem sftp /opt/ssh/libexec/sftp-server
#Subsystem sftp internal-sftp
Match User sftpch
ChrootDirectory /chrootdir
ForceCommand internal-sftp
==================================================
Now if somebody tries to do a ssh (not a sftp) with account sftpch,
the connection hangs.
And I have investigated this issue and generated a temporarily solution
for it.
Let's have a travel to t...