similar to: Chroot (theres that word again...)

Le Jeudi 11 Avril 2002 21:09, m.ibarra at cdcixis-na.com a ?crit : > I was curious to know if you had any luck in getting openssh's sftp > server properly configured to allow chrooted sftp logins? I have had > no success and need something quickly. Dear Mike, Unfortunately, I did not succeed to have it work. I got in contact with James Dennis <jdennis at law.harvard.edu>, who

Hello, I'm not sure if this is the list to mail, but I have updated chroot.diff for openssh 3.1. I thought more people are most likely using this and figured some people may lack the ability to update it themselves as certain functions were modified enough to require new function prototypes etc... I'd be happy to modify this again for future releases if you'd like. As I'm not on

Hey everyone, As many of you may know, I maintain a patch to OpenSSH to chroot users (http://chrootssh.sourceforge.net). It has been decided by the OpenSSH developer's that such a patch should not be in the source because chroot should occur outside of OpenSSH (which I agree with, but still need to chroot users). Pam is capable of chrooting users and I am planning to experiment with it

At the moment, if you start an rsyncd that's not running as root using default settings it will have some trouble. rsyncd tries to use chroot by default, but this will always fail if it's not started by root. It does emit an error message in this case, but I wonder if some people find this a bit confusing until they discover the setting. I have in the past. It might be better that if

I also forgot to mention. If anyone has any questions please cc jdennis at law.harvard.edu as I'm not on the openssh developer mailing list (I'm not an openssh developer :). -James

Hi there, everyone; I've had a few requests for an updated version of my chroot patch. (the version found in contrib is outdated) So, here it goes, updated to 2.3.0p1; "chroot.diff" is a plain diff for session.c (apply, compile and go). "chroot+configure.diff" is the same patch, plus an option to "configure" for enabling/disabling chroot support (./configure

Hello everyone, In response to emails such as the one below I have started a sourceforge site for this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either. Please check out

Hi All, I'm migrating a CentOS 6 bind instance (chrooted) to a CentOS 7 box and am curious of people's opinions on chrooting vs selinux as a way of securing bind. The bind-chroot on CentOS 7 also comes with a script (/usr/libexec/setup-named-chroot.sh) that sets up the much maligned systemd and, through bind mounts, creates and extra level of chroot hierarchy giving:

I went through the chroot/selinux review when Centos6 came out. I went with selinux and no chroot. I don't have too much of an issue with systemd; I am learning it as I go. I am putting up a Samba4 AD with Bind-DLZ backend. The Samba wiki explicitly calls out no chroot and kind of explains why. so I come out on the selinux side. On 09/09/2015 09:09 PM, Tom Robinson wrote: > Hi All,

You must mean your most wanted feature. Mine is the integration of Simon's GSS patches. Nico -- > -----Original Message----- > From: Jean-Michel POURE [mailto:jm.poure at freesurf.fr] > Sent: Friday, May 17, 2002 7:35 AM > To: Markus Friedl; openssh-unix-dev at mindrot.org > Subject: OpenSSH 3.2.2 released : chroot > > > Le Vendredi 17 Mai 2002 00:36, Markus

Hi all: I'm looking to chroot sftp; but not chroot ssh sessions. I came across some info that said this is possible. But after searching this list's archives and Google, I was rather confused about the different patches for chrooting, and couldn't find anything that appeared to only chroot sftp. Is such a patch available? Can someone point me in the right direction? Erik

On Sun, May 4, 2008 at 12:00 PM, Dan Yefimov <dan at nf15.lightwave.net.ru> wrote: > On Sun, 4 May 2008, john wrote: > > > > What exact steps have you taken to accomplish what Damien proposed? > > > > > Yes sorry Dan, I should have been specific. > > > > I created a file in my chroot root called /home/dev/auth.log > > > > Then I

When i run the application theres something error PROGRAM ERROR then blah blah anyone help me how to configure this application:(

Hi there, let me just ask if you know some good way to set up user chrooting in such a way, that each sftp user has its chroot directory entry somewhere (whatever path) and gets chrooted there upon its login? Maybe such feature is planned? Thanks... K.

http://bugzilla.mindrot.org/show_bug.cgi?id=779 Summary: Chroot environment for sftp client crazy Product: Portable OpenSSH Version: 3.7.1p2 Platform: Other URL: http://aixpanish.com OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo:

On Tue, Dec 01, 2015 at 04:58:11PM +0000, Richard W.M. Jones wrote: > On Tue, Dec 01, 2015 at 03:59:56PM +0100, Mateusz Guzik wrote: > > CHROOT_IN/OUT around commandvf are definitely problematic. chroot should be > > done in the child, which also removes the need to chroot out in the > > parent. > > The CHROOT_IN/OUT business does need to be rewritten. Every >

Hello, We are using dovecot (2.2.10) and it's working great! When I enable chrooting by appending /./ to the homedirs I'm getting errors like this: mail1 dovecot[47074]: imap(user): Error: Temp file creation to /tmp/dovecot.imap.mail1.70079. failed: No such file or directory On the surface everything seems to be working fine and I have not been able to produce the error myself. Any

Hi! I have tried to use PAM chroot module to chroot an user into his home directory after login. The problem is that it fails because "openpty returns device for which ttyname fails". The fix would be probably very similar to: https://bugzilla.mindrot.org/attachment.cgi?id=1415&action=diff So why OpenSSH is using ttyname which does not work without a proc on a newer glibc (it

Hi! I'm running a public rsync server (part of the gentoo rsync mirror hierarchy). As for configuration, rsyncd runs standalone with chrooting, offering two modules. After updating to 2.6.3 I noticed something odd in my log files: the time stamps seemed way out of sync. After a little digging (and changing the rsync code to include the time zone in the timestamp) I found out that different

Hi. What kind of chroot should I use, if I want to make a more secured desktop, running e.g.: pdf reader webbrowser audio player video player openoffice picture viewer mua ooo virtualbox e.g.: if theres a javascript vulnerability in google chrome [I haven't heard a NoScript extension for it :( ] a chroot would be good for stopping it from doing something bad with the whole system. or e.g.: