Displaying 15 results from an estimated 15 matches for "chrootssh".
Did you mean:
chroots
2003 Dec 31
2
chroot + ssh concerns
...uestion.
In looking around, it seems that chroot has come up on this list
several times, and has been discussed ad nauseum on usenet. In looking
at the archives, it seems that the patch for this has been removed from
the contrib section of the ssh source.
While patches for chrooted ssh exist (chrootssh comes to mind), I've
also read the discussion here:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102163541912823&w=2
and am curious to get this groups take on possible solutions.
1. does anyone have recommendations/warnings about applying the
securessh patch? The two main p...
2008 May 25
1
OpenSSH + chroot + SELinux = broke
Hello,
First, a big thank you to the OpenSSH devs.
_ /Problem Summary:/
_ Chroot and SELinux don't get along. This affects both the new
(official) ChrootDirectory feature, as well as the older (3rd party)
patch at http://chrootssh.sourceforge.net/.
_ /History and repro:/
_ On March 21, 2008, Alexandre Rossi posted to this list with the
subject: "*ChrootDirectory fails if compiled with SELinux support
(whether or not using SELinux)*", and it can be read here:
http://www.gossamer-threads.com/lists/openssh/de...
2002 Jun 27
1
jailing transfer-only accounts
hello,
we need to transfer files in a secure way with different partners and
clients.
at the momet we're using commercial ssh because we found it the only way to
transfer files in a jailed environment and without offering a login shell.
we'd like to use openssh but found only some patches and wrapper scripts but
nothing "official" to do what we need.
i could image (and read on
2008 Jun 07
2
Chroot'ed SSH
...connect through SSH?
I looked for it on Google and I basically saw several methods:
- OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that
probably could be rebuilt under CentOS 5)
- There seem to be several patches for OpenSSH 4.x to do the chroot,
the most popular seems to be http://chrootssh.sf.net/
- There appears to be a pam_chroot
- There are solutions based on setting the user's shell to a
script/binary that does the chroot
By quickly looking at yum list, it doesn't seem like neither RHEL nor
CentOS directly support any of those, at least I didn't find any RPMs
for any...
2002 May 28
5
chroot patch
...or this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either.
Please check out http://chrootssh.sourceforge.net
I have some very basic documentation online, but it should give a general idea of how to use it. I'd love suggestions or anything else you feel the site lacks. Seeing as the patches are quite easy to make my main goal for the site is to provide enough documentation that I can co...
2008 May 28
2
Feature request
The sshd server has what I think is a serious flaw. There appears to be no way to turn off remote command execution. (someone please correct me if I am wrong).
We have a server which uses a chroot jail, and rbash to severely limit what users can do on our system. The remote command bypasses all of that.
ie. ssh user at host cat /etc/passwd will display the password file for the live system
2006 Jan 24
0
weird issues with DH Group1 key exchange
...rsion 1.23; Eclipse I have no idea.
What happens on the client side is:
bart: Reading configuration data /web/etc/noaccess/.ssh/config
bart: Reading configuration data /etc/ssh_config
bart: Connecting to eliza.ai.org, port 22.
bart: Remote protocol version 2.0, remote software version
OpenSSH_4.2-chrootsshbart: Net::SSH::Perl Version 1.23, protocol version
2.0.
bart: No compat match: OpenSSH_4.2-chrootssh.
bart: Connection established.
bart: Sent key-exchange init (KEXINIT), wait response.
bart: Algorithms, c->s: 3des-cbc hmac-sha1 none
bart: Algorithms, s->c: 3des-cbc hmac-sha1 none
bart: Ente...
2004 Nov 04
0
openssh chroot rpms
im rebuild the centos 3.3 openssh rpms with chroot patch. the rpms
available on
http://slackpkg.ath.cx/centos/chrootssh
Hardering your Centos box
2003 Jul 28
1
[Bug 177] chroot tools for OpenSSH 3.1p1
http://bugzilla.mindrot.org/show_bug.cgi?id=177
russell at flora.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |russell at flora.ca
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the
2004 Jun 29
1
[Bug 177] chroot tools for OpenSSH 3.1p1
...ional Comments From mlists.20.jardel at spamgourmet.com 2004-06-30 01:36 -------
I saw other chroot bugs were marked as WONTFIX. Why do you refuse adding chroot
to openssh?
SCP is a secure alternative to FTP, but doesn't have chroot as most of FTP
servers do.
This project is up to date
http://chrootssh.sourceforge.net/
Thank you
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Feb 10
0
Chroot with pam
Hey everyone,
As many of you may know, I maintain a patch to OpenSSH to chroot users
(http://chrootssh.sourceforge.net). It has been decided by the OpenSSH
developer's that such a patch should not be in the source because chroot
should occur outside of OpenSSH (which I agree with, but still need to
chroot users). Pam is capable of chrooting users and I am planning to
experiment with it but w...
2007 Sep 22
1
chroot support for ssh and sftp
List,
I'm current running an older, patched version of OpenSSH with chroot
support (OpenSSH_4.2-chrootsshp1). It's the chrootssh patch that James
Dennis has been providing. I checked back lately and found that even
with the portable OpenSSH source currently at 4.7p1, James doesn't have
anything newer than 4.5p1. I'd like to upgrade so I tried my hand at
implementing the patch in the 4.7p...
2004 Dec 20
3
chroot-ing users coming in via SSH and/or SFTP?
A client wants me to set up a mechanism whereby his customers can drop files
securely into directories on his FreeBSD server; he also wants them to be
able to retrieve files if needed. The server is already running OpenSSH,
and he himself is using Windows clients (TeraTerm and WinSCP) to access it,
so the logical thing to do seems to be to have his clients send and receive
files via SFTP or SCP.
2003 Aug 16
0
sftp-server (secure) chroot patch?
...course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users have use for it. I dont think the solution is to use SSH Corps version.
There are several chroot-patches available, like the chrootssh project and rssh (restricted shell sftp) and scponly. To make a long story short, none of these provide the ability to chroot sftp users in their homedir. That is, in these projects you are able to wonder around the chroot-tree /dev /bin /usr etc.
I have found rssh to be usable because it ables y...
2002 Nov 05
2
[PATCH] Add a chroot_users option to sshd
This patch adds a new option to sshd, chroot_users. It has the effect of
chroot()ing incoming ssh users to their home directory. Note: this option
does not work if UsePrivilegeSeparation is enabled.
Patch is based on OpenSSH 3.4p1.
*** servconf.h@@\main\1 Tue Oct 1 17:25:32 2002
--- servconf.h Wed Oct 2 06:17:48 2002
***************
*** 131,136 ****
--- 131,137 ----
char