search for: chrootssh

...uestion. In looking around, it seems that chroot has come up on this list several times, and has been discussed ad nauseum on usenet. In looking at the archives, it seems that the patch for this has been removed from the contrib section of the ssh source. While patches for chrooted ssh exist (chrootssh comes to mind), I've also read the discussion here: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102163541912823&w=2 and am curious to get this groups take on possible solutions. 1. does anyone have recommendations/warnings about applying the securessh patch? The two main p...

Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory fails if compiled with SELinux support (whether or not using SELinux)*", and it can be read here: http://www.gossamer-threads.com/lists/openssh/de...

hello, we need to transfer files in a secure way with different partners and clients. at the momet we're using commercial ssh because we found it the only way to transfer files in a jailed environment and without offering a login shell. we'd like to use openssh but found only some patches and wrapper scripts but nothing "official" to do what we need. i could image (and read on

...connect through SSH? I looked for it on Google and I basically saw several methods: - OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that probably could be rebuilt under CentOS 5) - There seem to be several patches for OpenSSH 4.x to do the chroot, the most popular seems to be http://chrootssh.sf.net/ - There appears to be a pam_chroot - There are solutions based on setting the user's shell to a script/binary that does the chroot By quickly looking at yum list, it doesn't seem like neither RHEL nor CentOS directly support any of those, at least I didn't find any RPMs for any...

...or this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either. Please check out http://chrootssh.sourceforge.net I have some very basic documentation online, but it should give a general idea of how to use it. I'd love suggestions or anything else you feel the site lacks. Seeing as the patches are quite easy to make my main goal for the site is to provide enough documentation that I can co...

The sshd server has what I think is a serious flaw. There appears to be no way to turn off remote command execution. (someone please correct me if I am wrong). We have a server which uses a chroot jail, and rbash to severely limit what users can do on our system. The remote command bypasses all of that. ie. ssh user at host cat /etc/passwd will display the password file for the live system

...rsion 1.23; Eclipse I have no idea. What happens on the client side is: bart: Reading configuration data /web/etc/noaccess/.ssh/config bart: Reading configuration data /etc/ssh_config bart: Connecting to eliza.ai.org, port 22. bart: Remote protocol version 2.0, remote software version OpenSSH_4.2-chrootsshbart: Net::SSH::Perl Version 1.23, protocol version 2.0. bart: No compat match: OpenSSH_4.2-chrootssh. bart: Connection established. bart: Sent key-exchange init (KEXINIT), wait response. bart: Algorithms, c->s: 3des-cbc hmac-sha1 none bart: Algorithms, s->c: 3des-cbc hmac-sha1 none bart: Ente...

im rebuild the centos 3.3 openssh rpms with chroot patch. the rpms available on http://slackpkg.ath.cx/centos/chrootssh Hardering your Centos box

http://bugzilla.mindrot.org/show_bug.cgi?id=177 russell at flora.ca changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |russell at flora.ca ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

...ional Comments From mlists.20.jardel at spamgourmet.com 2004-06-30 01:36 ------- I saw other chroot bugs were marked as WONTFIX. Why do you refuse adding chroot to openssh? SCP is a secure alternative to FTP, but doesn't have chroot as most of FTP servers do. This project is up to date http://chrootssh.sourceforge.net/ Thank you ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hey everyone, As many of you may know, I maintain a patch to OpenSSH to chroot users (http://chrootssh.sourceforge.net). It has been decided by the OpenSSH developer's that such a patch should not be in the source because chroot should occur outside of OpenSSH (which I agree with, but still need to chroot users). Pam is capable of chrooting users and I am planning to experiment with it but w...

List, I'm current running an older, patched version of OpenSSH with chroot support (OpenSSH_4.2-chrootsshp1). It's the chrootssh patch that James Dennis has been providing. I checked back lately and found that even with the portable OpenSSH source currently at 4.7p1, James doesn't have anything newer than 4.5p1. I'd like to upgrade so I tried my hand at implementing the patch in the 4.7p...

A client wants me to set up a mechanism whereby his customers can drop files securely into directories on his FreeBSD server; he also wants them to be able to retrieve files if needed. The server is already running OpenSSH, and he himself is using Windows clients (TeraTerm and WinSCP) to access it, so the logical thing to do seems to be to have his clients send and receive files via SFTP or SCP.

...course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users have use for it. I dont think the solution is to use SSH Corps version. There are several chroot-patches available, like the chrootssh project and rssh (restricted shell sftp) and scponly. To make a long story short, none of these provide the ability to chroot sftp users in their homedir. That is, in these projects you are able to wonder around the chroot-tree /dev /bin /usr etc. I have found rssh to be usable because it ables y...

This patch adds a new option to sshd, chroot_users. It has the effect of chroot()ing incoming ssh users to their home directory. Note: this option does not work if UsePrivilegeSeparation is enabled. Patch is based on OpenSSH 3.4p1. *** servconf.h@@\main\1 Tue Oct 1 17:25:32 2002 --- servconf.h Wed Oct 2 06:17:48 2002 *************** *** 131,136 **** --- 131,137 ---- char