similar to: chroot + ssh concerns

A client wants me to set up a mechanism whereby his customers can drop files securely into directories on his FreeBSD server; he also wants them to be able to retrieve files if needed. The server is already running OpenSSH, and he himself is using Windows clients (TeraTerm and WinSCP) to access it, so the logical thing to do seems to be to have his clients send and receive files via SFTP or SCP.

The sshd server has what I think is a serious flaw. There appears to be no way to turn off remote command execution. (someone please correct me if I am wrong). We have a server which uses a chroot jail, and rbash to severely limit what users can do on our system. The remote command bypasses all of that. ie. ssh user at host cat /etc/passwd will display the password file for the live system

Hi, Is anyone chrooting users that connect through SSH? I looked for it on Google and I basically saw several methods: - OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that probably could be rebuilt under CentOS 5) - There seem to be several patches for OpenSSH 4.x to do the chroot, the most popular seems to be http://chrootssh.sf.net/ - There appears to be a pam_chroot - There are

Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory

Hello everyone, In response to emails such as the one below I have started a sourceforge site for this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either. Please check out

-----Original Message----- From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Rainer Duffner Sent: Samstag, 21. Oktober 2017 00:41 To: CentOS mailing list Subject: Re: [CentOS] scp setup jailed chroot on Centos7 > Am 20.10.2017 um 15:58 schrieb Adrian Jenzer <a.jenzer at herzogdemeuron.com>: > > Dear all > > I'm looking for instructions on how to setup a

Hello, I know this chroot issue has been brought up many times before on this list. I saw that the contribibuted chroot-patch was removed from the contrib directory because it always was out of date. The main reason was of course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users

https://bugzilla.mindrot.org/show_bug.cgi?id=1235 donkishoot at wanadoo.fr changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |donkishoot at wanadoo.fr --- Comment #5 from donkishoot at wanadoo.fr 2009-06-24 23:41:20 --- I have a bug that i think is

http://bugzilla.mindrot.org/show_bug.cgi?id=177 russell at flora.ca changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |russell at flora.ca ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

Hey everyone, As many of you may know, I maintain a patch to OpenSSH to chroot users (http://chrootssh.sourceforge.net). It has been decided by the OpenSSH developer's that such a patch should not be in the source because chroot should occur outside of OpenSSH (which I agree with, but still need to chroot users). Pam is capable of chrooting users and I am planning to experiment with it

List, I'm current running an older, patched version of OpenSSH with chroot support (OpenSSH_4.2-chrootsshp1). It's the chrootssh patch that James Dennis has been providing. I checked back lately and found that even with the portable OpenSSH source currently at 4.7p1, James doesn't have anything newer than 4.5p1. I'd like to upgrade so I tried my hand at implementing the patch

http://bugzilla.mindrot.org/show_bug.cgi?id=177 mlists.20.jardel at spamgourmet.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mlists.20.jardel at spamgourmet | |.com ------- Additional Comments From

im rebuild the centos 3.3 openssh rpms with chroot patch. the rpms available on http://slackpkg.ath.cx/centos/chrootssh Hardering your Centos box

Hi, As per the subject line - if I look up setting up chroot jails for SFTP over SSH2 I'm led to various Web sites and patches and also to a CentOS wiki page dated 2005, but what's the 'best' or 'correct' way to set this up for Centos 4.5 and 5? Thanks

On Tue, Feb 14, 2012 at 10:59:22AM -0500, Igor Lvovsky wrote: > > Hi, > I want to discuss $subject on the email just to be sure that we all on the > same page. > > So, today in 3.0 vdsm has two ways to create VM with cdrom : > 1. If RHEV-M ask to create VM with cdrom, vdsm just create it > 2. RHEV-M doesn't ask to create VM with cdrom, vdsm still creates VM with

Hi all: I'm looking to chroot sftp; but not chroot ssh sessions. I came across some info that said this is possible. But after searching this list's archives and Google, I was rather confused about the different patches for chrooting, and couldn't find anything that appeared to only chroot sftp. Is such a patch available? Can someone point me in the right direction? Erik

Hi Does anyone know if chroot is part of the latest openssh . If not how do I enable the chroot feature with the openssh. Any help is appreciated. I am currently running 3.7.1p2. This version allows the user to traverse to other dirs and they can ftp the files . I want to lock down the users to their home dir . thanks

Hello My ssh terminal froze some times, and I was thinking it might be related to centos , but now I found that even ubuntu users experiencing the same problem. does ssh logs any where, and what do you suggest for finding the cause. Thanks

Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be

https://bugzilla.samba.org/show_bug.cgi?id=1890 devzero at web.de changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |devzero at web.de ------- Comment #3 from devzero at web.de 2009-08-07 05:11 CST ------- wouldn`t it be better to give up on that effort